2020-12-02 01:51:49 -06:00
|
|
|
|
# ipatests enabled by default, can be disabled with --without ipatests
|
|
|
|
|
%bcond_without ipatests
|
|
|
|
|
# default to not use XML-RPC in Rawhide, can be turned around with --with ipa_join_xml
|
|
|
|
|
# On RHEL 8 we should use --with ipa_join_xml
|
|
|
|
|
%bcond_with ipa_join_xml
|
|
|
|
|
|
|
|
|
|
# Linting is disabled by default, needed for upstream testing
|
|
|
|
|
%bcond_with lint
|
|
|
|
|
|
|
|
|
|
# Build documentation with sphinx
|
|
|
|
|
%bcond_with doc
|
|
|
|
|
|
|
|
|
|
# Build Python wheels
|
|
|
|
|
%bcond_with wheels
|
|
|
|
|
|
2018-02-12 04:34:33 -06:00
|
|
|
|
# 389-ds-base 1.4 no longer supports i686 platform, build only client
|
|
|
|
|
# packages, https://bugzilla.redhat.com/show_bug.cgi?id=1544386
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%ifarch %{ix86}
|
|
|
|
|
%{!?ONLY_CLIENT:%global ONLY_CLIENT 1}
|
2018-02-12 04:34:33 -06:00
|
|
|
|
%endif
|
|
|
|
|
|
2016-08-25 03:59:34 -05:00
|
|
|
|
# Define ONLY_CLIENT to only make the ipa-client and ipa-python
|
2014-10-03 07:12:35 -05:00
|
|
|
|
# subpackages
|
2010-01-07 13:12:52 -06:00
|
|
|
|
%{!?ONLY_CLIENT:%global ONLY_CLIENT 0}
|
2017-03-15 01:48:29 -05:00
|
|
|
|
%if %{ONLY_CLIENT}
|
|
|
|
|
%global enable_server_option --disable-server
|
|
|
|
|
%else
|
|
|
|
|
%global enable_server_option --enable-server
|
|
|
|
|
%endif
|
2009-10-12 15:00:00 -05:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if %{ONLY_CLIENT}
|
2018-07-17 06:29:10 -05:00
|
|
|
|
%global with_ipatests 0
|
|
|
|
|
%endif
|
2020-12-02 01:51:49 -06:00
|
|
|
|
|
|
|
|
|
# Whether to build ipatests
|
|
|
|
|
%if %{with ipatests}
|
2017-03-15 03:30:14 -05:00
|
|
|
|
%global with_ipatests_option --with-ipatests
|
|
|
|
|
%else
|
|
|
|
|
%global with_ipatests_option --without-ipatests
|
|
|
|
|
%endif
|
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# Whether to use XML-RPC with ipa-join
|
|
|
|
|
%if %{with ipa_join_xml}
|
2020-05-31 18:53:25 -05:00
|
|
|
|
%global with_ipa_join_xml_option --with-ipa-join-xml
|
|
|
|
|
%else
|
|
|
|
|
%global with_ipa_join_xml_option --without-ipa-join-xml
|
|
|
|
|
%endif
|
|
|
|
|
|
2016-10-12 06:27:16 -05:00
|
|
|
|
# lint is not executed during rpmbuild
|
2016-12-05 05:17:54 -06:00
|
|
|
|
# %%global with_lint 1
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if %{with lint}
|
2017-02-22 12:19:35 -06:00
|
|
|
|
%global linter_options --enable-pylint --with-jslint
|
2017-01-11 08:02:09 -06:00
|
|
|
|
%else
|
2017-02-22 12:19:35 -06:00
|
|
|
|
%global linter_options --disable-pylint --without-jslint
|
2017-01-11 08:02:09 -06:00
|
|
|
|
%endif
|
2016-10-12 06:27:16 -05:00
|
|
|
|
|
2020-02-14 10:43:36 -06:00
|
|
|
|
# Include SELinux subpackage
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if 0%{?fedora} >= 30 || 0%{?rhel} >= 8
|
2020-02-14 10:43:36 -06:00
|
|
|
|
%global with_selinux 1
|
|
|
|
|
%global selinuxtype targeted
|
|
|
|
|
%global modulename ipa
|
|
|
|
|
%endif
|
|
|
|
|
|
2014-10-03 07:12:35 -05:00
|
|
|
|
%if 0%{?rhel}
|
2018-07-17 06:29:10 -05:00
|
|
|
|
%global package_name ipa
|
|
|
|
|
%global alt_name freeipa
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%global krb5_version 1.18.2-2
|
2020-06-17 03:56:21 -05:00
|
|
|
|
%global krb5_kdb_version 8.0
|
2017-04-25 07:13:00 -05:00
|
|
|
|
# 0.7.16: https://github.com/drkjam/netaddr/issues/71
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%global python_netaddr_version 0.7.19
|
2017-07-12 10:29:30 -05:00
|
|
|
|
# Require 4.7.0 which brings Python 3 bindings
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%global samba_version 4.12.3-12
|
|
|
|
|
%global selinux_policy_version 3.14.3-52
|
|
|
|
|
%global slapi_nis_version 0.56.4
|
2018-05-29 13:02:10 -05:00
|
|
|
|
%global python_ldap_version 3.1.0-1
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# python3-lib389
|
|
|
|
|
# Fix for "Installation fails: Replica Busy"
|
|
|
|
|
# https://pagure.io/389-ds-base/issue/49818
|
|
|
|
|
%global ds_version 1.4.2.4-6
|
2019-11-22 02:02:02 -06:00
|
|
|
|
# Fix for TLS 1.3 PHA, RHBZ#1775158
|
|
|
|
|
%global httpd_version 2.4.37-21
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%global bind_version 9.11.20-6
|
2018-02-19 03:36:08 -06:00
|
|
|
|
|
2014-10-03 07:12:35 -05:00
|
|
|
|
%else
|
2018-07-17 06:29:10 -05:00
|
|
|
|
# Fedora
|
|
|
|
|
%global package_name freeipa
|
|
|
|
|
%global alt_name ipa
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# Fix for CVE-2020-28196
|
|
|
|
|
%global krb5_version 1.18.2-29
|
2017-04-25 07:13:00 -05:00
|
|
|
|
# 0.7.16: https://github.com/drkjam/netaddr/issues/71
|
|
|
|
|
%global python_netaddr_version 0.7.16
|
2017-07-12 10:29:30 -05:00
|
|
|
|
# Require 4.7.0 which brings Python 3 bindings
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# Require 4.12 which has DsRGetForestTrustInformation access rights fixes
|
|
|
|
|
%global samba_version 2:4.12.10
|
|
|
|
|
|
|
|
|
|
# 3.14.5-45 or later includes a number of interfaces fixes for IPA interface
|
|
|
|
|
%global selinux_policy_version 3.14.5-45
|
|
|
|
|
%global slapi_nis_version 0.56.5
|
2018-01-22 08:32:12 -06:00
|
|
|
|
|
2020-01-09 16:02:44 -06:00
|
|
|
|
%global krb5_kdb_version 8.0
|
|
|
|
|
|
2018-05-29 13:02:10 -05:00
|
|
|
|
# fix for segfault in python3-ldap, https://pagure.io/freeipa/issue/7324
|
|
|
|
|
%global python_ldap_version 3.1.0-1
|
2020-09-24 05:32:37 -05:00
|
|
|
|
# 1.4.3 moved nsslapd-db-locks to cn=bdb sub-entry
|
|
|
|
|
# https://pagure.io/freeipa/issue/8515
|
|
|
|
|
%global ds_version 1.4.3
|
2018-04-25 01:38:28 -05:00
|
|
|
|
|
2019-11-22 02:02:02 -06:00
|
|
|
|
# Fix for TLS 1.3 PHA, RHBZ#1775146
|
|
|
|
|
%global httpd_version 2.4.41-9
|
2020-12-02 01:51:49 -06:00
|
|
|
|
|
|
|
|
|
%global bind_version 9.11.24-1
|
|
|
|
|
# Don't use Fedora's Python dependency generator on Fedora 30/rawhide yet.
|
|
|
|
|
# Some packages don't provide new dist aliases.
|
|
|
|
|
# https://docs.fedoraproject.org/en-US/packaging-guidelines/Python/
|
|
|
|
|
%{?python_disable_dependency_generator}
|
|
|
|
|
# Fedora
|
2019-11-22 02:02:02 -06:00
|
|
|
|
%endif
|
|
|
|
|
|
2020-06-01 07:38:00 -05:00
|
|
|
|
# BIND employs 'pkcs11' OpenSSL engine instead of native PKCS11
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# Fedora 31+ uses OpenSSL engine, as well as Fedora ELN (RHEL9)
|
|
|
|
|
%if 0%{?fedora} || 0%{?rhel} >= 9
|
2020-06-01 07:38:00 -05:00
|
|
|
|
%global openssl_pkcs11_version 0.4.10-6
|
|
|
|
|
%global softhsm_version 2.5.0-4
|
|
|
|
|
%else
|
|
|
|
|
%global with_bind_pkcs11 1
|
|
|
|
|
%endif
|
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if 0%{?rhel} == 8
|
|
|
|
|
# PKIConnection has been modified to always validate certs.
|
|
|
|
|
# https://pagure.io/freeipa/issue/8379
|
2021-02-05 08:00:54 -06:00
|
|
|
|
%global pki_version 10.10.4-1
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%else
|
2020-11-16 08:42:52 -06:00
|
|
|
|
# New KRA profile, ACME support
|
|
|
|
|
# https://pagure.io/freeipa/issue/8545
|
2021-02-05 08:00:54 -06:00
|
|
|
|
%global pki_version 10.10.3-1
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%endif
|
2018-04-30 01:25:23 -05:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# RHEL 8.3+, F32+ has 0.79.13
|
|
|
|
|
%global certmonger_version 0.79.7-3
|
2019-02-21 18:37:12 -06:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# RHEL 8.2+, F32+ has 3.58
|
|
|
|
|
%global nss_version 3.44.0-4
|
2017-12-04 10:29:05 -06:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# RHEL 8.3+, F32+
|
|
|
|
|
%global sssd_version 2.4.0
|
2018-09-27 05:12:07 -05:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%define krb5_base_version %(LC_ALL=C /usr/bin/pkgconf --modversion krb5 | grep -Eo '^[^.]+\.[^.]+' || echo %krb5_version)
|
|
|
|
|
%global kdcproxy_version 0.4-3
|
2015-07-15 03:45:53 -05:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if 0%{?fedora} >= 33 || 0%{?rhel} >= 9
|
2020-10-06 06:50:03 -05:00
|
|
|
|
# systemd with resolved enabled
|
|
|
|
|
# see https://pagure.io/freeipa/issue/8275
|
|
|
|
|
%global systemd_version 246.6-3
|
|
|
|
|
%else
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%global systemd_version 239
|
2020-10-06 06:50:03 -05:00
|
|
|
|
%endif
|
|
|
|
|
|
2010-01-07 13:12:52 -06:00
|
|
|
|
%global plugin_dir %{_libdir}/dirsrv/plugins
|
2015-04-28 09:24:02 -05:00
|
|
|
|
%global etc_systemd_dir %{_sysconfdir}/systemd/system
|
2010-02-09 12:14:25 -06:00
|
|
|
|
%global gettext_domain ipa
|
2014-10-03 07:12:35 -05:00
|
|
|
|
|
2013-11-27 07:13:16 -06:00
|
|
|
|
%define _hardened_build 1
|
|
|
|
|
|
2016-10-21 15:35:28 -05:00
|
|
|
|
# Work-around fact that RPM SPEC parser does not accept
|
|
|
|
|
# "Version: @VERSION@" in freeipa.spec.in used for Autoconf string replacement
|
|
|
|
|
%define IPA_VERSION @VERSION@
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# Release candidate version -- uncomment with one percent for RC versions
|
|
|
|
|
#%%global rc_version rc1
|
2016-10-21 15:35:28 -05:00
|
|
|
|
%define AT_SIGN @
|
|
|
|
|
# redefine IPA_VERSION only if its value matches the Autoconf placeholder
|
|
|
|
|
%if "%{IPA_VERSION}" == "%{AT_SIGN}VERSION%{AT_SIGN}"
|
2019-09-23 16:11:55 -05:00
|
|
|
|
%define IPA_VERSION nonsense.to.please.RPM.SPEC.parser
|
2016-10-21 15:35:28 -05:00
|
|
|
|
%endif
|
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%define NON_DEVELOPER_BUILD ("%{lua: print(rpm.expand('%{suffix:%IPA_VERSION}'):find('^dev'))}" == "nil")
|
|
|
|
|
|
2018-07-17 06:29:10 -05:00
|
|
|
|
Name: %{package_name}
|
2016-10-21 15:35:28 -05:00
|
|
|
|
Version: %{IPA_VERSION}
|
2020-12-02 01:51:49 -06:00
|
|
|
|
Release: 0%{?rc_version:.%rc_version}%{?dist}
|
2009-02-02 12:50:53 -06:00
|
|
|
|
Summary: The Identity, Policy and Audit system
|
|
|
|
|
|
2010-12-09 06:59:11 -06:00
|
|
|
|
License: GPLv3+
|
2009-02-02 12:50:53 -06:00
|
|
|
|
URL: http://www.freeipa.org/
|
2020-12-02 01:51:49 -06:00
|
|
|
|
Source0: https://releases.pagure.org/freeipa/freeipa-%{version}%{?rc_version}.tar.gz
|
|
|
|
|
# Only use detached signature for the distribution builds. If it is a developer build, skip it
|
|
|
|
|
%if %{NON_DEVELOPER_BUILD}
|
|
|
|
|
Source1: https://releases.pagure.org/freeipa/freeipa-%{version}%{?rc_version}.tar.gz.asc
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
# RHEL spec file only: START: Change branding to IPA and Identity Management
|
|
|
|
|
# Moved branding logos and background to redhat-logos-ipa-80.4:
|
|
|
|
|
# header-logo.png, login-screen-background.jpg, login-screen-logo.png,
|
|
|
|
|
# product-name.png
|
|
|
|
|
# RHEL spec file only: END: Change branding to IPA and Identity Management
|
|
|
|
|
|
|
|
|
|
# RHEL spec file only: START
|
2021-02-08 11:30:49 -06:00
|
|
|
|
%if %{NON_DEVELOPER_BUILD}
|
|
|
|
|
%if 0%{?rhel} == 8
|
2020-12-02 01:51:49 -06:00
|
|
|
|
Patch0001: 0001_util_Fix_client-only_build-upstream_5273.patch
|
|
|
|
|
Patch1001: 1001-Change-branding-to-IPA-and-Identity-Management.patch
|
|
|
|
|
Patch1002: 1002-4.8.0-Remove-csrgen.patch
|
|
|
|
|
Patch1003: 1003-Revert-WebUI-use-python3-rjsmin-to-minify-JavaScript.patch
|
|
|
|
|
%endif
|
2021-02-08 11:30:49 -06:00
|
|
|
|
%if 0%{?rhel} == 9
|
|
|
|
|
Patch1001: 1001-Change-branding-to-IPA-and-Identity-Management.patch
|
|
|
|
|
%endif
|
|
|
|
|
%endif
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# RHEL spec file only: END
|
|
|
|
|
|
|
|
|
|
# For the timestamp trick in patch application
|
|
|
|
|
BuildRequires: diffstat
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
|
|
|
|
BuildRequires: openldap-devel
|
2017-01-24 03:02:30 -06:00
|
|
|
|
# For KDB DAL version, make explicit dependency so that increase of version
|
|
|
|
|
# will cause the build to fail due to unsatisfied dependencies.
|
|
|
|
|
# DAL version change may cause code crash or memory leaks, it is better to fail early.
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: krb5-kdb-version = %{krb5_kdb_version}
|
2020-12-02 01:51:49 -06:00
|
|
|
|
BuildRequires: krb5-kdb-devel-version = %{krb5_kdb_version}
|
2017-04-25 07:35:34 -05:00
|
|
|
|
BuildRequires: krb5-devel >= %{krb5_version}
|
2020-11-10 04:55:21 -06:00
|
|
|
|
BuildRequires: pkgconfig(krb5)
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if %{with ipa_join_xml}
|
spec file: clean up BuildRequires
Add missing cyrus-sasl-devel, python-cffi, python-custodia,
python-dateutil, python-nose, python-paste, python-sss-murmur,
python-sssdconfig and systemd-python BuildRequires.
Remove unused custodia, java-headless, m4, policycoreutils,
python-kdcproxy, python-rhsm, pyOpenSSL and systemd-units BuildRequires.
Correct versioned BuildRequires and provide explanatory comments.
https://fedorahosted.org/freeipa/ticket/6418
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
2016-10-12 06:20:32 -05:00
|
|
|
|
# 1.27.4: xmlrpc_curl_xportparms.gssapi_delegation
|
2011-08-11 03:42:29 -05:00
|
|
|
|
BuildRequires: xmlrpc-c-devel >= 1.27.4
|
2020-05-31 18:53:25 -05:00
|
|
|
|
%else
|
2020-05-31 18:15:47 -05:00
|
|
|
|
BuildRequires: libcurl-devel
|
|
|
|
|
BuildRequires: jansson-devel
|
2020-05-31 18:53:25 -05:00
|
|
|
|
%endif
|
2011-02-21 12:04:38 -06:00
|
|
|
|
BuildRequires: popt-devel
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: gcc
|
|
|
|
|
BuildRequires: make
|
2020-12-02 01:51:49 -06:00
|
|
|
|
BuildRequires: pkgconfig
|
2020-11-10 04:55:21 -06:00
|
|
|
|
BuildRequires: pkgconf
|
2009-02-02 12:50:53 -06:00
|
|
|
|
BuildRequires: autoconf
|
|
|
|
|
BuildRequires: automake
|
2020-12-02 01:51:49 -06:00
|
|
|
|
BuildRequires: make
|
2011-02-21 12:04:38 -06:00
|
|
|
|
BuildRequires: libtool
|
|
|
|
|
BuildRequires: gettext
|
2016-11-11 15:54:13 -06:00
|
|
|
|
BuildRequires: gettext-devel
|
spec file: clean up BuildRequires
Add missing cyrus-sasl-devel, python-cffi, python-custodia,
python-dateutil, python-nose, python-paste, python-sss-murmur,
python-sssdconfig and systemd-python BuildRequires.
Remove unused custodia, java-headless, m4, policycoreutils,
python-kdcproxy, python-rhsm, pyOpenSSL and systemd-units BuildRequires.
Correct versioned BuildRequires and provide explanatory comments.
https://fedorahosted.org/freeipa/ticket/6418
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
2016-10-12 06:20:32 -05:00
|
|
|
|
BuildRequires: python3-devel
|
2017-03-14 13:55:38 -05:00
|
|
|
|
BuildRequires: python3-setuptools
|
2020-10-06 06:50:03 -05:00
|
|
|
|
BuildRequires: systemd >= %{systemd_version}
|
2016-11-04 09:19:51 -05:00
|
|
|
|
# systemd-tmpfiles which is executed from make install requires apache user
|
|
|
|
|
BuildRequires: httpd
|
2017-03-15 01:48:29 -05:00
|
|
|
|
BuildRequires: nspr-devel
|
|
|
|
|
BuildRequires: openssl-devel
|
spec file: clean up BuildRequires
Add missing cyrus-sasl-devel, python-cffi, python-custodia,
python-dateutil, python-nose, python-paste, python-sss-murmur,
python-sssdconfig and systemd-python BuildRequires.
Remove unused custodia, java-headless, m4, policycoreutils,
python-kdcproxy, python-rhsm, pyOpenSSL and systemd-units BuildRequires.
Correct versioned BuildRequires and provide explanatory comments.
https://fedorahosted.org/freeipa/ticket/6418
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
2016-10-12 06:20:32 -05:00
|
|
|
|
BuildRequires: libini_config-devel
|
|
|
|
|
BuildRequires: cyrus-sasl-devel
|
|
|
|
|
%if ! %{ONLY_CLIENT}
|
2019-02-01 04:27:47 -06:00
|
|
|
|
BuildRequires: 389-ds-base-devel >= %{ds_version}
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: samba-devel >= %{samba_version}
|
spec file: clean up BuildRequires
Add missing cyrus-sasl-devel, python-cffi, python-custodia,
python-dateutil, python-nose, python-paste, python-sss-murmur,
python-sssdconfig and systemd-python BuildRequires.
Remove unused custodia, java-headless, m4, policycoreutils,
python-kdcproxy, python-rhsm, pyOpenSSL and systemd-units BuildRequires.
Correct versioned BuildRequires and provide explanatory comments.
https://fedorahosted.org/freeipa/ticket/6418
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
2016-10-12 06:20:32 -05:00
|
|
|
|
BuildRequires: libtalloc-devel
|
|
|
|
|
BuildRequires: libtevent-devel
|
|
|
|
|
BuildRequires: libuuid-devel
|
2020-09-24 14:33:17 -05:00
|
|
|
|
BuildRequires: libpwquality-devel
|
2011-11-30 06:29:10 -06:00
|
|
|
|
BuildRequires: libsss_idmap-devel
|
2017-02-02 05:32:13 -06:00
|
|
|
|
BuildRequires: libsss_certmap-devel
|
2018-09-27 05:12:07 -05:00
|
|
|
|
BuildRequires: libsss_nss_idmap-devel >= %{sssd_version}
|
2019-07-16 09:49:36 -05:00
|
|
|
|
BuildRequires: nodejs(abi)
|
2020-06-17 07:02:43 -05:00
|
|
|
|
# use old dependency on RHEL 8 for now
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if 0%{?fedora} >= 31 || 0%{?rhel} >= 9
|
2020-04-29 11:46:07 -05:00
|
|
|
|
BuildRequires: python3-rjsmin
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%else
|
|
|
|
|
BuildRequires: uglify-js
|
2020-06-17 07:02:43 -05:00
|
|
|
|
%endif
|
2013-04-11 13:03:25 -05:00
|
|
|
|
BuildRequires: libverto-devel
|
2013-07-16 10:47:27 -05:00
|
|
|
|
BuildRequires: libunistring-devel
|
2018-06-12 05:02:08 -05:00
|
|
|
|
# 0.13.0: https://bugzilla.redhat.com/show_bug.cgi?id=1584773
|
|
|
|
|
# 0.13.0-2: fix for missing dependency on python-six
|
|
|
|
|
BuildRequires: python3-lesscpy >= 0.13.0-2
|
2020-09-24 14:33:17 -05:00
|
|
|
|
BuildRequires: cracklib-dicts
|
2019-07-16 05:45:48 -05:00
|
|
|
|
# ONLY_CLIENT
|
|
|
|
|
%endif
|
spec file: clean up BuildRequires
Add missing cyrus-sasl-devel, python-cffi, python-custodia,
python-dateutil, python-nose, python-paste, python-sss-murmur,
python-sssdconfig and systemd-python BuildRequires.
Remove unused custodia, java-headless, m4, policycoreutils,
python-kdcproxy, python-rhsm, pyOpenSSL and systemd-units BuildRequires.
Correct versioned BuildRequires and provide explanatory comments.
https://fedorahosted.org/freeipa/ticket/6418
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
2016-10-12 06:20:32 -05:00
|
|
|
|
|
|
|
|
|
#
|
|
|
|
|
# Build dependencies for makeapi/makeaci
|
|
|
|
|
#
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: python3-cffi
|
|
|
|
|
BuildRequires: python3-dns
|
|
|
|
|
BuildRequires: python3-ldap >= %{python_ldap_version}
|
|
|
|
|
BuildRequires: python3-libsss_nss_idmap
|
|
|
|
|
BuildRequires: python3-netaddr >= %{python_netaddr_version}
|
|
|
|
|
BuildRequires: python3-pyasn1
|
|
|
|
|
BuildRequires: python3-pyasn1-modules
|
|
|
|
|
BuildRequires: python3-six
|
2020-08-27 14:22:12 -05:00
|
|
|
|
BuildRequires: python3-psutil
|
spec file: clean up BuildRequires
Add missing cyrus-sasl-devel, python-cffi, python-custodia,
python-dateutil, python-nose, python-paste, python-sss-murmur,
python-sssdconfig and systemd-python BuildRequires.
Remove unused custodia, java-headless, m4, policycoreutils,
python-kdcproxy, python-rhsm, pyOpenSSL and systemd-units BuildRequires.
Correct versioned BuildRequires and provide explanatory comments.
https://fedorahosted.org/freeipa/ticket/6418
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
2016-10-12 06:20:32 -05:00
|
|
|
|
|
2017-02-17 10:46:20 -06:00
|
|
|
|
#
|
2017-02-22 02:21:35 -06:00
|
|
|
|
# Build dependencies for wheel packaging and PyPI upload
|
2017-02-17 10:46:20 -06:00
|
|
|
|
#
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if %{with wheels}
|
2017-01-17 05:16:25 -06:00
|
|
|
|
BuildRequires: dbus-glib-devel
|
2016-11-17 09:43:17 -06:00
|
|
|
|
BuildRequires: libffi-devel
|
|
|
|
|
BuildRequires: python3-tox
|
2019-02-07 04:29:36 -06:00
|
|
|
|
%if 0%{?fedora} <= 28
|
2017-02-22 02:21:35 -06:00
|
|
|
|
BuildRequires: python3-twine
|
2019-02-07 04:29:36 -06:00
|
|
|
|
%else
|
|
|
|
|
BuildRequires: twine
|
|
|
|
|
%endif
|
2017-02-17 10:46:20 -06:00
|
|
|
|
BuildRequires: python3-wheel
|
2019-07-16 05:45:48 -05:00
|
|
|
|
# with_wheels
|
|
|
|
|
%endif
|
2017-02-17 10:46:20 -06:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if %{with doc}
|
2020-03-18 03:01:21 -05:00
|
|
|
|
BuildRequires: python3-sphinx
|
2020-03-20 06:50:30 -05:00
|
|
|
|
BuildRequires: python3-m2r
|
2020-03-18 03:01:21 -05:00
|
|
|
|
%endif
|
|
|
|
|
|
spec file: clean up BuildRequires
Add missing cyrus-sasl-devel, python-cffi, python-custodia,
python-dateutil, python-nose, python-paste, python-sss-murmur,
python-sssdconfig and systemd-python BuildRequires.
Remove unused custodia, java-headless, m4, policycoreutils,
python-kdcproxy, python-rhsm, pyOpenSSL and systemd-units BuildRequires.
Correct versioned BuildRequires and provide explanatory comments.
https://fedorahosted.org/freeipa/ticket/6418
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
2016-10-12 06:20:32 -05:00
|
|
|
|
#
|
2017-12-11 00:57:40 -06:00
|
|
|
|
# Build dependencies for lint and fastcheck
|
spec file: clean up BuildRequires
Add missing cyrus-sasl-devel, python-cffi, python-custodia,
python-dateutil, python-nose, python-paste, python-sss-murmur,
python-sssdconfig and systemd-python BuildRequires.
Remove unused custodia, java-headless, m4, policycoreutils,
python-kdcproxy, python-rhsm, pyOpenSSL and systemd-units BuildRequires.
Correct versioned BuildRequires and provide explanatory comments.
https://fedorahosted.org/freeipa/ticket/6418
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
2016-10-12 06:20:32 -05:00
|
|
|
|
#
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if %{with lint}
|
2020-09-22 07:52:31 -05:00
|
|
|
|
BuildRequires: git
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: jsl
|
2020-08-26 09:02:25 -05:00
|
|
|
|
BuildRequires: nss-tools
|
2018-09-28 05:51:39 -05:00
|
|
|
|
BuildRequires: rpmlint
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: softhsm
|
2020-12-02 01:51:49 -06:00
|
|
|
|
|
2020-08-07 02:10:52 -05:00
|
|
|
|
BuildRequires: keyutils
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: python3-augeas
|
|
|
|
|
BuildRequires: python3-cffi
|
2017-01-02 06:53:18 -06:00
|
|
|
|
BuildRequires: python3-cryptography >= 1.6
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: python3-custodia >= 0.3.1
|
|
|
|
|
BuildRequires: python3-dateutil
|
|
|
|
|
BuildRequires: python3-dbus
|
|
|
|
|
BuildRequires: python3-dns >= 1.15
|
2020-02-17 07:24:56 -06:00
|
|
|
|
BuildRequires: python3-docker
|
2016-11-30 06:38:07 -06:00
|
|
|
|
BuildRequires: python3-gssapi >= 1.2.0
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: python3-jinja2
|
|
|
|
|
BuildRequires: python3-jwcrypto >= 0.4.2
|
|
|
|
|
BuildRequires: python3-ldap >= %{python_ldap_version}
|
|
|
|
|
BuildRequires: python3-ldap >= %{python_ldap_version}
|
2019-02-01 04:27:47 -06:00
|
|
|
|
BuildRequires: python3-lib389 >= %{ds_version}
|
2016-11-30 06:38:07 -06:00
|
|
|
|
BuildRequires: python3-libipa_hbac
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: python3-libsss_nss_idmap
|
2016-11-30 06:38:07 -06:00
|
|
|
|
BuildRequires: python3-lxml
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: python3-netaddr >= %{python_netaddr_version}
|
|
|
|
|
BuildRequires: python3-netifaces
|
|
|
|
|
BuildRequires: python3-paste
|
2021-01-20 11:21:22 -06:00
|
|
|
|
BuildRequires: python3-pexpect
|
2018-03-14 12:32:39 -05:00
|
|
|
|
BuildRequires: python3-pki >= %{pki_version}
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: python3-polib
|
|
|
|
|
BuildRequires: python3-pyasn1
|
|
|
|
|
BuildRequires: python3-pyasn1-modules
|
|
|
|
|
BuildRequires: python3-pycodestyle
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if 0%{?fedora} || 0%{?rhel} > 8
|
2018-11-12 03:16:55 -06:00
|
|
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1648299
|
|
|
|
|
BuildRequires: python3-pylint >= 2.1.1-2
|
|
|
|
|
%else
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: python3-pylint >= 1.7
|
2018-11-12 03:16:55 -06:00
|
|
|
|
%endif
|
2016-11-30 06:38:07 -06:00
|
|
|
|
BuildRequires: python3-pytest-multihost
|
|
|
|
|
BuildRequires: python3-pytest-sourceorder
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: python3-qrcode-core >= 5.0.0
|
|
|
|
|
BuildRequires: python3-samba
|
|
|
|
|
BuildRequires: python3-six
|
2016-11-30 06:38:07 -06:00
|
|
|
|
BuildRequires: python3-sss
|
|
|
|
|
BuildRequires: python3-sss-murmur
|
2018-09-27 05:12:07 -05:00
|
|
|
|
BuildRequires: python3-sssdconfig >= %{sssd_version}
|
2016-11-30 06:38:07 -06:00
|
|
|
|
BuildRequires: python3-systemd
|
2020-08-04 04:41:11 -05:00
|
|
|
|
BuildRequires: python3-yaml
|
2018-05-29 13:02:10 -05:00
|
|
|
|
BuildRequires: python3-yubico
|
2019-07-16 05:45:48 -05:00
|
|
|
|
# with_lint
|
|
|
|
|
%endif
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
spec file: clean up BuildRequires
Add missing cyrus-sasl-devel, python-cffi, python-custodia,
python-dateutil, python-nose, python-paste, python-sss-murmur,
python-sssdconfig and systemd-python BuildRequires.
Remove unused custodia, java-headless, m4, policycoreutils,
python-kdcproxy, python-rhsm, pyOpenSSL and systemd-units BuildRequires.
Correct versioned BuildRequires and provide explanatory comments.
https://fedorahosted.org/freeipa/ticket/6418
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
2016-10-12 06:20:32 -05:00
|
|
|
|
#
|
2015-11-13 01:11:38 -06:00
|
|
|
|
# Build dependencies for unit tests
|
spec file: clean up BuildRequires
Add missing cyrus-sasl-devel, python-cffi, python-custodia,
python-dateutil, python-nose, python-paste, python-sss-murmur,
python-sssdconfig and systemd-python BuildRequires.
Remove unused custodia, java-headless, m4, policycoreutils,
python-kdcproxy, python-rhsm, pyOpenSSL and systemd-units BuildRequires.
Correct versioned BuildRequires and provide explanatory comments.
https://fedorahosted.org/freeipa/ticket/6418
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
2016-10-12 06:20:32 -05:00
|
|
|
|
#
|
|
|
|
|
%if ! %{ONLY_CLIENT}
|
2015-11-13 01:11:38 -06:00
|
|
|
|
BuildRequires: libcmocka-devel
|
2016-08-05 01:34:23 -05:00
|
|
|
|
# Required by ipa_kdb_tests
|
2019-08-30 04:29:59 -05:00
|
|
|
|
BuildRequires: krb5-server >= %{krb5_version}
|
2019-07-16 05:45:48 -05:00
|
|
|
|
# ONLY_CLIENT
|
|
|
|
|
%endif
|
2015-11-03 09:39:40 -06:00
|
|
|
|
|
2020-02-14 10:43:36 -06:00
|
|
|
|
# Build dependencies for SELinux policy
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if %{with selinux}
|
|
|
|
|
BuildRequires: selinux-policy-devel >= %{selinux_policy_version}
|
2020-02-14 10:43:36 -06:00
|
|
|
|
%endif
|
|
|
|
|
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%description
|
2015-09-21 08:56:36 -05:00
|
|
|
|
IPA is an integrated solution to provide centrally managed Identity (users,
|
|
|
|
|
hosts, services), Authentication (SSO, 2FA), and Authorization
|
|
|
|
|
(host access control, SELinux user roles, services). The solution provides
|
|
|
|
|
features for further integration with Linux based clients (SUDO, automount)
|
|
|
|
|
and integration with Active Directory based infrastructures (Trusts).
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2009-10-12 15:00:00 -05:00
|
|
|
|
%if ! %{ONLY_CLIENT}
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%package server
|
|
|
|
|
Summary: The IPA authentication server
|
2015-12-07 06:52:38 -06:00
|
|
|
|
Requires: %{name}-server-common = %{version}-%{release}
|
2009-02-02 12:50:53 -06:00
|
|
|
|
Requires: %{name}-client = %{version}-%{release}
|
2015-12-07 06:52:38 -06:00
|
|
|
|
Requires: %{name}-common = %{version}-%{release}
|
2017-06-21 10:08:18 -05:00
|
|
|
|
Requires: python3-ipaserver = %{version}-%{release}
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: python3-ldap >= %{python_ldap_version}
|
2019-02-01 04:27:47 -06:00
|
|
|
|
Requires: 389-ds-base >= %{ds_version}
|
2013-05-10 06:50:21 -05:00
|
|
|
|
Requires: openldap-clients > 2.4.35-4
|
2018-04-30 01:25:23 -05:00
|
|
|
|
Requires: nss-tools >= %{nss_version}
|
2017-04-25 07:35:34 -05:00
|
|
|
|
Requires(post): krb5-server >= %{krb5_version}
|
2019-04-08 14:26:11 -05:00
|
|
|
|
Requires(post): krb5-server >= %{krb5_base_version}
|
2020-12-02 01:51:49 -06:00
|
|
|
|
Requires: krb5-kdb-version = %{krb5_kdb_version}
|
2017-04-25 07:35:34 -05:00
|
|
|
|
Requires: krb5-pkinit-openssl >= %{krb5_version}
|
2011-07-22 08:06:13 -05:00
|
|
|
|
Requires: cyrus-sasl-gssapi%{?_isa}
|
2018-02-22 02:33:13 -06:00
|
|
|
|
Requires: chrony
|
2019-11-22 02:02:02 -06:00
|
|
|
|
Requires: httpd >= %{httpd_version}
|
2017-10-25 09:09:28 -05:00
|
|
|
|
Requires(preun): python3
|
|
|
|
|
Requires(postun): python3
|
|
|
|
|
Requires: python3-gssapi >= 1.2.0-5
|
|
|
|
|
Requires: python3-systemd
|
2017-11-20 09:12:45 -06:00
|
|
|
|
Requires: python3-mod_wsgi
|
2016-08-19 08:23:55 -05:00
|
|
|
|
Requires: mod_auth_gssapi >= 1.5.0
|
2019-11-22 02:02:02 -06:00
|
|
|
|
Requires: mod_ssl >= %{httpd_version}
|
|
|
|
|
Requires: mod_session >= %{httpd_version}
|
2017-03-23 02:43:51 -05:00
|
|
|
|
# 0.9.9: https://github.com/adelton/mod_lookup_identity/pull/3
|
|
|
|
|
Requires: mod_lookup_identity >= 0.9.9
|
2009-02-02 12:50:53 -06:00
|
|
|
|
Requires: acl
|
2020-10-06 06:50:03 -05:00
|
|
|
|
Requires: systemd-units >= %{systemd_version}
|
|
|
|
|
Requires(pre): systemd-units >= %{systemd_version}
|
|
|
|
|
Requires(post): systemd-units >= %{systemd_version}
|
|
|
|
|
Requires(preun): systemd-units >= %{systemd_version}
|
|
|
|
|
Requires(postun): systemd-units >= %{systemd_version}
|
2015-06-23 10:01:00 -05:00
|
|
|
|
Requires(pre): shadow-utils
|
2014-10-03 07:12:35 -05:00
|
|
|
|
Requires: selinux-policy >= %{selinux_policy_version}
|
2015-08-25 07:14:25 -05:00
|
|
|
|
Requires(post): selinux-policy-base >= %{selinux_policy_version}
|
2016-08-04 01:58:50 -05:00
|
|
|
|
Requires: slapi-nis >= %{slapi_nis_version}
|
2018-03-14 12:32:39 -05:00
|
|
|
|
Requires: pki-ca >= %{pki_version}
|
|
|
|
|
Requires: pki-kra >= %{pki_version}
|
2020-09-18 00:30:50 -05:00
|
|
|
|
# pki-acme package was split out in pki-10.10.0
|
|
|
|
|
Requires: (pki-acme >= %{pki_version} if pki-ca >= 10.10.0)
|
2014-10-03 07:12:35 -05:00
|
|
|
|
Requires: policycoreutils >= 2.1.12-5
|
2012-11-14 09:45:41 -06:00
|
|
|
|
Requires: tar
|
2019-02-21 18:37:12 -06:00
|
|
|
|
Requires(pre): certmonger >= %{certmonger_version}
|
2019-02-01 04:27:47 -06:00
|
|
|
|
Requires(pre): 389-ds-base >= %{ds_version}
|
2013-12-04 09:15:20 -06:00
|
|
|
|
Requires: fontawesome-fonts
|
|
|
|
|
Requires: open-sans-fonts
|
2014-10-16 08:32:31 -05:00
|
|
|
|
Requires: openssl
|
2015-06-18 06:47:12 -05:00
|
|
|
|
Requires: softhsm >= 2.0.0rc1-1
|
2014-10-16 08:32:31 -05:00
|
|
|
|
Requires: p11-kit
|
2015-04-28 09:24:02 -05:00
|
|
|
|
Requires: %{etc_systemd_dir}
|
2015-09-17 10:09:33 -05:00
|
|
|
|
Requires: gzip
|
2015-12-09 01:18:21 -06:00
|
|
|
|
Requires: oddjob
|
2017-03-23 02:43:51 -05:00
|
|
|
|
# 0.7.0-2: https://pagure.io/gssproxy/pull-request/172
|
|
|
|
|
Requires: gssproxy >= 0.7.0-2
|
2018-09-27 05:12:07 -05:00
|
|
|
|
Requires: sssd-dbus >= %{sssd_version}
|
2020-09-24 14:33:17 -05:00
|
|
|
|
Requires: libpwquality
|
|
|
|
|
Requires: cracklib-dicts
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
2015-11-09 05:15:59 -06:00
|
|
|
|
Provides: %{alt_name}-server = %{version}
|
2014-09-17 03:02:01 -05:00
|
|
|
|
Conflicts: %{alt_name}-server
|
|
|
|
|
Obsoletes: %{alt_name}-server < %{version}
|
|
|
|
|
|
2013-06-13 07:40:52 -05:00
|
|
|
|
# With FreeIPA 3.3, package freeipa-server-selinux was obsoleted as the
|
|
|
|
|
# entire SELinux policy is stored in the system policy
|
|
|
|
|
Obsoletes: freeipa-server-selinux < 3.3.0
|
|
|
|
|
|
2015-07-16 08:09:45 -05:00
|
|
|
|
# upgrade path from monolithic -server to -server + -server-dns
|
|
|
|
|
Obsoletes: %{name}-server <= 4.2.0
|
2011-09-09 05:30:00 -05:00
|
|
|
|
|
2013-04-30 13:35:19 -05:00
|
|
|
|
# Versions of nss-pam-ldapd < 0.8.4 require a mapping from uniqueMember to
|
|
|
|
|
# member.
|
|
|
|
|
Conflicts: nss-pam-ldapd < 0.8.4
|
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# RHEL spec file only: START: Do not build tests
|
|
|
|
|
%if 0%{?rhel} == 8
|
|
|
|
|
# ipa-tests subpackage was moved to separate srpm
|
|
|
|
|
Conflicts: ipa-tests < 3.3.3-9
|
|
|
|
|
%endif
|
|
|
|
|
# RHEL spec file only: END: Do not build tests
|
|
|
|
|
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%description server
|
2015-09-21 08:56:36 -05:00
|
|
|
|
IPA is an integrated solution to provide centrally managed Identity (users,
|
|
|
|
|
hosts, services), Authentication (SSO, 2FA), and Authorization
|
|
|
|
|
(host access control, SELinux user roles, services). The solution provides
|
|
|
|
|
features for further integration with Linux based clients (SUDO, automount)
|
|
|
|
|
and integration with Active Directory based infrastructures (Trusts).
|
|
|
|
|
If you are installing an IPA server, you need to install this package.
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
|
|
|
|
|
2016-11-24 10:35:24 -06:00
|
|
|
|
%package -n python3-ipaserver
|
|
|
|
|
Summary: Python libraries used by IPA server
|
|
|
|
|
BuildArch: noarch
|
|
|
|
|
%{?python_provide:%python_provide python3-ipaserver}
|
|
|
|
|
Requires: %{name}-server-common = %{version}-%{release}
|
|
|
|
|
Requires: %{name}-common = %{version}-%{release}
|
2017-08-18 03:56:12 -05:00
|
|
|
|
# we need pre-requires since earlier versions may break upgrade
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires(pre): python3-ldap >= %{python_ldap_version}
|
|
|
|
|
Requires: python3-augeas
|
|
|
|
|
Requires: python3-custodia >= 0.3.1
|
2016-11-24 10:35:24 -06:00
|
|
|
|
Requires: python3-dbus
|
2016-12-14 03:12:05 -06:00
|
|
|
|
Requires: python3-dns >= 1.15
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: python3-gssapi >= 1.2.0
|
|
|
|
|
Requires: python3-ipaclient = %{version}-%{release}
|
2020-12-02 01:51:49 -06:00
|
|
|
|
Requires: python3-kdcproxy >= %{kdcproxy_version}
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: python3-lxml
|
2018-03-14 12:32:39 -05:00
|
|
|
|
Requires: python3-pki >= %{pki_version}
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: python3-pyasn1 >= 0.3.2-2
|
2018-09-27 05:12:07 -05:00
|
|
|
|
Requires: python3-sssdconfig >= %{sssd_version}
|
2020-08-27 14:22:12 -05:00
|
|
|
|
Requires: python3-psutil
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: rpm-libs
|
2019-11-18 03:40:44 -06:00
|
|
|
|
# Indirect dependency: use newer urllib3 with TLS 1.3 PHA support
|
|
|
|
|
%if 0%{?rhel}
|
|
|
|
|
Requires: python3-urllib3 >= 1.24.2-3
|
|
|
|
|
%else
|
|
|
|
|
Requires: python3-urllib3 >= 1.25.7
|
|
|
|
|
%endif
|
|
|
|
|
|
2016-11-24 10:35:24 -06:00
|
|
|
|
%description -n python3-ipaserver
|
|
|
|
|
IPA is an integrated solution to provide centrally managed Identity (users,
|
|
|
|
|
hosts, services), Authentication (SSO, 2FA), and Authorization
|
|
|
|
|
(host access control, SELinux user roles, services). The solution provides
|
|
|
|
|
features for further integration with Linux based clients (SUDO, automount)
|
|
|
|
|
and integration with Active Directory based infrastructures (Trusts).
|
|
|
|
|
If you are installing an IPA server, you need to install this package.
|
|
|
|
|
|
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
%package server-common
|
|
|
|
|
Summary: Common files used by IPA server
|
|
|
|
|
BuildArch: noarch
|
|
|
|
|
Requires: %{name}-client-common = %{version}-%{release}
|
2019-11-22 02:02:02 -06:00
|
|
|
|
Requires: httpd >= %{httpd_version}
|
2020-10-06 06:50:03 -05:00
|
|
|
|
Requires: systemd-units >= %{systemd_version}
|
2020-12-02 01:51:49 -06:00
|
|
|
|
Requires: custodia >= 0.3.1
|
|
|
|
|
%if 0%{?rhel} >= 8
|
|
|
|
|
Requires: redhat-logos-ipa >= 80.4
|
|
|
|
|
%endif
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
|
|
|
|
Provides: %{alt_name}-server-common = %{version}
|
|
|
|
|
Conflicts: %{alt_name}-server-common
|
|
|
|
|
Obsoletes: %{alt_name}-server-common < %{version}
|
|
|
|
|
|
|
|
|
|
%description server-common
|
|
|
|
|
IPA is an integrated solution to provide centrally managed Identity (users,
|
|
|
|
|
hosts, services), Authentication (SSO, 2FA), and Authorization
|
|
|
|
|
(host access control, SELinux user roles, services). The solution provides
|
|
|
|
|
features for further integration with Linux based clients (SUDO, automount)
|
|
|
|
|
and integration with Active Directory based infrastructures (Trusts).
|
|
|
|
|
If you are installing an IPA server, you need to install this package.
|
|
|
|
|
|
|
|
|
|
|
2015-07-16 08:09:45 -05:00
|
|
|
|
%package server-dns
|
|
|
|
|
Summary: IPA integrated DNS server with support for automatic DNSSEC signing
|
2015-12-07 06:52:38 -06:00
|
|
|
|
BuildArch: noarch
|
2015-07-16 08:09:45 -05:00
|
|
|
|
Requires: %{name}-server = %{version}-%{release}
|
2020-12-02 01:51:49 -06:00
|
|
|
|
Requires: bind-dyndb-ldap >= 11.2-2
|
|
|
|
|
Requires: bind >= %{bind_version}
|
|
|
|
|
Requires: bind-utils >= %{bind_version}
|
|
|
|
|
%if %{with bind_pkcs11}
|
|
|
|
|
Requires: bind-pkcs11 >= %{bind_version}
|
|
|
|
|
Requires: bind-pkcs11-utils >= %{bind_version}
|
2020-06-01 07:38:00 -05:00
|
|
|
|
%else
|
|
|
|
|
Requires: softhsm >= %{softhsm_version}
|
|
|
|
|
Requires: openssl-pkcs11 >= %{openssl_pkcs11_version}
|
|
|
|
|
%endif
|
2020-04-21 02:39:29 -05:00
|
|
|
|
# See https://bugzilla.redhat.com/show_bug.cgi?id=1825812
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# RHEL 8.3+ and Fedora 32+ have 2.1
|
2020-04-21 02:39:29 -05:00
|
|
|
|
Requires: opendnssec >= 2.1.6-5
|
2018-02-22 08:45:13 -06:00
|
|
|
|
%{?systemd_requires}
|
2015-07-16 08:09:45 -05:00
|
|
|
|
|
2015-11-09 05:15:59 -06:00
|
|
|
|
Provides: %{alt_name}-server-dns = %{version}
|
2015-07-16 08:09:45 -05:00
|
|
|
|
Conflicts: %{alt_name}-server-dns
|
|
|
|
|
Obsoletes: %{alt_name}-server-dns < %{version}
|
|
|
|
|
|
|
|
|
|
# upgrade path from monolithic -server to -server + -server-dns
|
|
|
|
|
Obsoletes: %{name}-server <= 4.2.0
|
|
|
|
|
|
|
|
|
|
%description server-dns
|
|
|
|
|
IPA integrated DNS server with support for automatic DNSSEC signing.
|
|
|
|
|
Integrated DNS server is BIND 9. OpenDNSSEC provides key management.
|
|
|
|
|
|
|
|
|
|
|
2012-02-28 05:24:41 -06:00
|
|
|
|
%package server-trust-ad
|
|
|
|
|
Summary: Virtual package to install packages required for Active Directory trusts
|
2015-12-07 06:52:38 -06:00
|
|
|
|
Requires: %{name}-server = %{version}-%{release}
|
|
|
|
|
Requires: %{name}-common = %{version}-%{release}
|
2017-07-12 10:29:30 -05:00
|
|
|
|
|
2014-10-03 07:12:35 -05:00
|
|
|
|
Requires: samba >= %{samba_version}
|
2012-10-01 08:32:36 -05:00
|
|
|
|
Requires: samba-winbind
|
|
|
|
|
Requires: libsss_idmap
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if 0%{?rhel}
|
|
|
|
|
Obsoletes: ipa-idoverride-memberof-plugin <= 0.1
|
|
|
|
|
%endif
|
2017-10-25 09:10:41 -05:00
|
|
|
|
Requires(post): python3
|
2017-07-12 10:29:30 -05:00
|
|
|
|
Requires: python3-samba
|
|
|
|
|
Requires: python3-libsss_nss_idmap
|
|
|
|
|
Requires: python3-sss
|
|
|
|
|
|
2012-10-10 01:46:08 -05:00
|
|
|
|
# We use alternatives to divert winbind_krb5_locator.so plugin to libkrb5
|
|
|
|
|
# on the installes where server-trust-ad subpackage is installed because
|
|
|
|
|
# IPA AD trusts cannot be used at the same time with the locator plugin
|
|
|
|
|
# since Winbindd will be configured in a different mode
|
|
|
|
|
Requires(post): %{_sbindir}/update-alternatives
|
|
|
|
|
Requires(postun): %{_sbindir}/update-alternatives
|
|
|
|
|
Requires(preun): %{_sbindir}/update-alternatives
|
2012-02-28 05:24:41 -06:00
|
|
|
|
|
2015-11-09 05:15:59 -06:00
|
|
|
|
Provides: %{alt_name}-server-trust-ad = %{version}
|
2014-09-17 03:02:01 -05:00
|
|
|
|
Conflicts: %{alt_name}-server-trust-ad
|
|
|
|
|
Obsoletes: %{alt_name}-server-trust-ad < %{version}
|
|
|
|
|
|
2012-02-28 05:24:41 -06:00
|
|
|
|
%description server-trust-ad
|
2013-08-13 03:59:57 -05:00
|
|
|
|
Cross-realm trusts with Active Directory in IPA require working Samba 4
|
|
|
|
|
installation. This package is provided for convenience to install all required
|
|
|
|
|
dependencies at once.
|
2012-02-28 05:24:41 -06:00
|
|
|
|
|
2019-07-16 05:45:48 -05:00
|
|
|
|
# ONLY_CLIENT
|
|
|
|
|
%endif
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%package client
|
|
|
|
|
Summary: IPA authentication for use on clients
|
2015-12-07 06:52:38 -06:00
|
|
|
|
Requires: %{name}-client-common = %{version}-%{release}
|
|
|
|
|
Requires: %{name}-common = %{version}-%{release}
|
2017-10-25 09:09:28 -05:00
|
|
|
|
Requires: python3-gssapi >= 1.2.0-5
|
2017-06-21 10:08:18 -05:00
|
|
|
|
Requires: python3-ipaclient = %{version}-%{release}
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: python3-ldap >= %{python_ldap_version}
|
2018-09-27 05:12:07 -05:00
|
|
|
|
Requires: python3-sssdconfig >= %{sssd_version}
|
2011-07-22 08:06:13 -05:00
|
|
|
|
Requires: cyrus-sasl-gssapi%{?_isa}
|
2018-02-22 02:33:13 -06:00
|
|
|
|
Requires: chrony
|
2017-04-25 07:35:34 -05:00
|
|
|
|
Requires: krb5-workstation >= %{krb5_version}
|
2018-04-26 09:51:42 -05:00
|
|
|
|
Requires: authselect >= 0.4-2
|
2015-12-04 15:52:03 -06:00
|
|
|
|
Requires: curl
|
2016-08-08 06:13:18 -05:00
|
|
|
|
# NIS domain name config: /usr/lib/systemd/system/*-domainname.service
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# All Fedora 28+ and RHEL8+ contain the service in hostname package
|
2018-06-19 03:10:51 -05:00
|
|
|
|
Requires: hostname
|
2012-11-14 09:45:41 -06:00
|
|
|
|
Requires: libcurl >= 7.21.7-2
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if %{with ipa_join_xml}
|
2012-11-14 09:45:41 -06:00
|
|
|
|
Requires: xmlrpc-c >= 1.27.4
|
2020-05-31 18:53:25 -05:00
|
|
|
|
%else
|
2020-05-31 18:15:47 -05:00
|
|
|
|
Requires: jansson
|
2020-05-31 18:53:25 -05:00
|
|
|
|
%endif
|
2018-09-27 05:12:07 -05:00
|
|
|
|
Requires: sssd-ipa >= %{sssd_version}
|
2019-02-21 18:37:12 -06:00
|
|
|
|
Requires: certmonger >= %{certmonger_version}
|
2018-04-30 01:25:23 -05:00
|
|
|
|
Requires: nss-tools >= %{nss_version}
|
2011-02-17 07:30:36 -06:00
|
|
|
|
Requires: bind-utils
|
2012-02-27 03:59:25 -06:00
|
|
|
|
Requires: oddjob-mkhomedir
|
2012-05-29 13:20:38 -05:00
|
|
|
|
Requires: libsss_autofs
|
|
|
|
|
Requires: autofs
|
|
|
|
|
Requires: libnfsidmap
|
|
|
|
|
Requires: nfs-utils
|
2018-09-27 05:12:07 -05:00
|
|
|
|
Requires: sssd-tools >= %{sssd_version}
|
2012-10-31 04:15:28 -05:00
|
|
|
|
Requires(post): policycoreutils
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
2020-12-09 23:55:16 -06:00
|
|
|
|
# https://pagure.io/freeipa/issue/8530
|
|
|
|
|
Recommends: libsss_sudo
|
|
|
|
|
Recommends: sudo
|
|
|
|
|
Requires: (libsss_sudo if sudo)
|
|
|
|
|
|
2015-11-09 05:15:59 -06:00
|
|
|
|
Provides: %{alt_name}-client = %{version}
|
2014-09-17 03:02:01 -05:00
|
|
|
|
Conflicts: %{alt_name}-client
|
|
|
|
|
Obsoletes: %{alt_name}-client < %{version}
|
2011-01-17 03:26:19 -06:00
|
|
|
|
|
2016-08-25 03:59:34 -05:00
|
|
|
|
Provides: %{alt_name}-admintools = %{version}
|
|
|
|
|
Conflicts: %{alt_name}-admintools
|
|
|
|
|
Obsoletes: %{alt_name}-admintools < 4.4.1
|
|
|
|
|
|
|
|
|
|
Obsoletes: %{name}-admintools < 4.4.1
|
|
|
|
|
Provides: %{name}-admintools = %{version}-%{release}
|
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if 0%{?rhel} == 8
|
|
|
|
|
# Conflict with crypto-policies < 20200629-1 to get AD-SUPPORT policy module
|
|
|
|
|
Conflicts: crypto-policies < 20200629-1
|
|
|
|
|
%endif
|
|
|
|
|
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%description client
|
2015-09-21 08:56:36 -05:00
|
|
|
|
IPA is an integrated solution to provide centrally managed Identity (users,
|
|
|
|
|
hosts, services), Authentication (SSO, 2FA), and Authorization
|
|
|
|
|
(host access control, SELinux user roles, services). The solution provides
|
|
|
|
|
features for further integration with Linux based clients (SUDO, automount)
|
|
|
|
|
and integration with Active Directory based infrastructures (Trusts).
|
|
|
|
|
If your network uses IPA for authentication, this package should be
|
|
|
|
|
installed on every client machine.
|
2016-08-25 03:59:34 -05:00
|
|
|
|
This package provides command-line tools for IPA administrators.
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
2019-05-18 06:54:48 -05:00
|
|
|
|
%package client-samba
|
|
|
|
|
Summary: Tools to configure Samba on IPA client
|
|
|
|
|
Group: System Environment/Base
|
|
|
|
|
Requires: %{name}-client = %{version}-%{release}
|
|
|
|
|
Requires: python3-samba
|
|
|
|
|
Requires: samba-client
|
|
|
|
|
Requires: samba-winbind
|
|
|
|
|
Requires: samba-common-tools
|
|
|
|
|
Requires: samba
|
|
|
|
|
Requires: sssd-winbind-idmap
|
|
|
|
|
Requires: tdb-tools
|
|
|
|
|
Requires: cifs-utils
|
|
|
|
|
|
|
|
|
|
%description client-samba
|
|
|
|
|
This package provides command-line tools to deploy Samba domain member
|
|
|
|
|
on the machine enrolled into a FreeIPA environment
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2020-05-05 08:59:11 -05:00
|
|
|
|
%package client-epn
|
|
|
|
|
Summary: Tools to configure Expiring Password Notification in IPA
|
|
|
|
|
Group: System Environment/Base
|
2020-12-02 01:51:49 -06:00
|
|
|
|
Requires: %{name}-client = %{version}-%{release}
|
2020-10-06 06:50:03 -05:00
|
|
|
|
Requires: systemd-units >= %{systemd_version}
|
|
|
|
|
Requires(post): systemd-units >= %{systemd_version}
|
|
|
|
|
Requires(preun): systemd-units >= %{systemd_version}
|
|
|
|
|
Requires(postun): systemd-units >= %{systemd_version}
|
2020-05-05 08:59:11 -05:00
|
|
|
|
|
|
|
|
|
%description client-epn
|
|
|
|
|
This package provides a service to collect and send expiring password
|
|
|
|
|
notifications via email (SMTP).
|
|
|
|
|
|
2016-02-19 07:54:18 -06:00
|
|
|
|
%package -n python3-ipaclient
|
|
|
|
|
Summary: Python libraries used by IPA client
|
|
|
|
|
BuildArch: noarch
|
|
|
|
|
%{?python_provide:%python_provide python3-ipaclient}
|
|
|
|
|
Requires: %{name}-client-common = %{version}-%{release}
|
|
|
|
|
Requires: %{name}-common = %{version}-%{release}
|
|
|
|
|
Requires: python3-ipalib = %{version}-%{release}
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: python3-augeas
|
2016-12-14 03:12:05 -06:00
|
|
|
|
Requires: python3-dns >= 1.15
|
2016-07-05 13:19:35 -05:00
|
|
|
|
Requires: python3-jinja2
|
2016-02-19 07:54:18 -06:00
|
|
|
|
|
|
|
|
|
%description -n python3-ipaclient
|
|
|
|
|
IPA is an integrated solution to provide centrally managed Identity (users,
|
|
|
|
|
hosts, services), Authentication (SSO, 2FA), and Authorization
|
|
|
|
|
(host access control, SELinux user roles, services). The solution provides
|
|
|
|
|
features for further integration with Linux based clients (SUDO, automount)
|
|
|
|
|
and integration with Active Directory based infrastructures (Trusts).
|
|
|
|
|
If your network uses IPA for authentication, this package should be
|
|
|
|
|
installed on every client machine.
|
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
%package client-common
|
|
|
|
|
Summary: Common files used by IPA client
|
|
|
|
|
BuildArch: noarch
|
|
|
|
|
|
|
|
|
|
Provides: %{alt_name}-client-common = %{version}
|
|
|
|
|
Conflicts: %{alt_name}-client-common
|
|
|
|
|
Obsoletes: %{alt_name}-client-common < %{version}
|
2018-08-23 07:54:28 -05:00
|
|
|
|
# python2-ipa* packages are no longer available in 4.8.
|
|
|
|
|
Obsoletes: python2-ipaclient < 4.8.0-1
|
|
|
|
|
Obsoletes: python2-ipalib < 4.8.0-1
|
|
|
|
|
Obsoletes: python2-ipaserver < 4.8.0-1
|
|
|
|
|
Obsoletes: python2-ipatests < 4.8.0-1
|
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
|
|
|
|
%description client-common
|
|
|
|
|
IPA is an integrated solution to provide centrally managed Identity (users,
|
|
|
|
|
hosts, services), Authentication (SSO, 2FA), and Authorization
|
|
|
|
|
(host access control, SELinux user roles, services). The solution provides
|
|
|
|
|
features for further integration with Linux based clients (SUDO, automount)
|
|
|
|
|
and integration with Active Directory based infrastructures (Trusts).
|
|
|
|
|
If your network uses IPA for authentication, this package should be
|
|
|
|
|
installed on every client machine.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%package python-compat
|
|
|
|
|
Summary: Compatiblity package for Python libraries used by IPA
|
|
|
|
|
BuildArch: noarch
|
|
|
|
|
Obsoletes: %{name}-python < 4.2.91
|
|
|
|
|
Provides: %{name}-python = %{version}-%{release}
|
|
|
|
|
Requires: %{name}-common = %{version}-%{release}
|
2017-06-21 10:08:18 -05:00
|
|
|
|
Requires: python3-ipalib = %{version}-%{release}
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
|
|
|
|
Provides: %{alt_name}-python-compat = %{version}
|
|
|
|
|
Conflicts: %{alt_name}-python-compat
|
|
|
|
|
Obsoletes: %{alt_name}-python-compat < %{version}
|
|
|
|
|
|
|
|
|
|
Obsoletes: %{alt_name}-python < 4.2.91
|
|
|
|
|
Provides: %{alt_name}-python = %{version}
|
|
|
|
|
|
|
|
|
|
%description python-compat
|
|
|
|
|
IPA is an integrated solution to provide centrally managed Identity (users,
|
|
|
|
|
hosts, services), Authentication (SSO, 2FA), and Authorization
|
|
|
|
|
(host access control, SELinux user roles, services). The solution provides
|
|
|
|
|
features for further integration with Linux based clients (SUDO, automount)
|
|
|
|
|
and integration with Active Directory based infrastructures (Trusts).
|
|
|
|
|
This is a compatibility package to accommodate %{name}-python split into
|
2018-08-23 07:54:28 -05:00
|
|
|
|
python3-ipalib and %{name}-common. Packages still depending on
|
2015-12-07 06:52:38 -06:00
|
|
|
|
%{name}-python should be fixed to depend on python2-ipaclient or
|
|
|
|
|
%{name}-common instead.
|
|
|
|
|
|
|
|
|
|
|
2015-11-03 09:39:40 -06:00
|
|
|
|
%package -n python3-ipalib
|
|
|
|
|
Summary: Python3 libraries used by IPA
|
2016-01-21 05:59:11 -06:00
|
|
|
|
BuildArch: noarch
|
2015-11-03 09:39:40 -06:00
|
|
|
|
%{?python_provide:%python_provide python3-ipalib}
|
|
|
|
|
Provides: python3-ipapython = %{version}-%{release}
|
|
|
|
|
%{?python_provide:%python_provide python3-ipapython}
|
|
|
|
|
Provides: python3-ipaplatform = %{version}-%{release}
|
|
|
|
|
%{?python_provide:%python_provide python3-ipaplatform}
|
|
|
|
|
Requires: %{name}-common = %{version}-%{release}
|
2018-05-29 13:02:10 -05:00
|
|
|
|
# we need pre-requires since earlier versions may break upgrade
|
|
|
|
|
Requires(pre): python3-ldap >= %{python_ldap_version}
|
2018-05-22 07:12:10 -05:00
|
|
|
|
Requires: gnupg2
|
2015-11-03 09:39:40 -06:00
|
|
|
|
Requires: keyutils
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: python3-cffi
|
2017-01-02 06:53:18 -06:00
|
|
|
|
Requires: python3-cryptography >= 1.6
|
2015-11-03 09:39:40 -06:00
|
|
|
|
Requires: python3-dateutil
|
|
|
|
|
Requires: python3-dbus
|
2016-12-14 03:12:05 -06:00
|
|
|
|
Requires: python3-dns >= 1.15
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: python3-gssapi >= 1.2.0
|
|
|
|
|
Requires: python3-jwcrypto >= 0.4.2
|
|
|
|
|
Requires: python3-libipa_hbac
|
|
|
|
|
Requires: python3-netaddr >= %{python_netaddr_version}
|
2016-04-13 09:14:42 -05:00
|
|
|
|
Requires: python3-netifaces >= 0.10.4
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: python3-pyasn1 >= 0.3.2-2
|
|
|
|
|
Requires: python3-pyasn1-modules >= 0.3.2-2
|
2016-05-27 06:45:57 -05:00
|
|
|
|
Requires: python3-pyusb
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: python3-qrcode-core >= 5.0.0
|
|
|
|
|
Requires: python3-requests
|
|
|
|
|
Requires: python3-six
|
|
|
|
|
Requires: python3-sss-murmur
|
|
|
|
|
Requires: python3-yubico >= 1.3.2-7
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if 0%{?rhel} && 0%{?rhel} >= 8
|
|
|
|
|
Requires: platform-python-setuptools
|
|
|
|
|
%else
|
|
|
|
|
Requires: python3-setuptools
|
|
|
|
|
%endif
|
2015-11-03 09:39:40 -06:00
|
|
|
|
|
|
|
|
|
%description -n python3-ipalib
|
|
|
|
|
IPA is an integrated solution to provide centrally managed Identity (users,
|
|
|
|
|
hosts, services), Authentication (SSO, 2FA), and Authorization
|
|
|
|
|
(host access control, SELinux user roles, services). The solution provides
|
|
|
|
|
features for further integration with Linux based clients (SUDO, automount)
|
|
|
|
|
and integration with Active Directory based infrastructures (Trusts).
|
|
|
|
|
If you are using IPA with Python 3, you need to install this package.
|
|
|
|
|
|
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
%package common
|
|
|
|
|
Summary: Common files used by IPA
|
|
|
|
|
BuildArch: noarch
|
2016-06-29 07:00:51 -05:00
|
|
|
|
Conflicts: %{name}-python < 4.2.91
|
2011-01-17 03:26:19 -06:00
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
Provides: %{alt_name}-common = %{version}
|
|
|
|
|
Conflicts: %{alt_name}-common
|
|
|
|
|
Obsoletes: %{alt_name}-common < %{version}
|
|
|
|
|
|
|
|
|
|
Conflicts: %{alt_name}-python < %{version}
|
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if %{with selinux}
|
2020-03-20 04:00:06 -05:00
|
|
|
|
# This ensures that the *-selinux package and all it’s dependencies are not
|
|
|
|
|
# pulled into containers and other systems that do not use SELinux. The
|
|
|
|
|
# policy defines types and file contexts for client and server.
|
|
|
|
|
Requires: (%{name}-selinux if selinux-policy-%{selinuxtype})
|
|
|
|
|
%endif
|
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
%description common
|
2015-09-21 08:56:36 -05:00
|
|
|
|
IPA is an integrated solution to provide centrally managed Identity (users,
|
|
|
|
|
hosts, services), Authentication (SSO, 2FA), and Authorization
|
|
|
|
|
(host access control, SELinux user roles, services). The solution provides
|
|
|
|
|
features for further integration with Linux based clients (SUDO, automount)
|
|
|
|
|
and integration with Active Directory based infrastructures (Trusts).
|
|
|
|
|
If you are using IPA, you need to install this package.
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if %{with ipatests}
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2015-11-03 09:39:40 -06:00
|
|
|
|
%package -n python3-ipatests
|
|
|
|
|
Summary: IPA tests and test tools
|
|
|
|
|
BuildArch: noarch
|
|
|
|
|
%{?python_provide:%python_provide python3-ipatests}
|
2016-06-08 03:58:05 -05:00
|
|
|
|
Requires: python3-ipaclient = %{version}-%{release}
|
2017-09-01 02:24:48 -05:00
|
|
|
|
Requires: python3-ipaserver = %{version}-%{release}
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: iptables
|
2015-11-03 09:39:40 -06:00
|
|
|
|
Requires: python3-coverage
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: python3-cryptography >= 1.6
|
2021-01-20 11:21:22 -06:00
|
|
|
|
Requires: python3-pexpect
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if 0%{?fedora}
|
|
|
|
|
# These packages do not exist on RHEL and for ipatests use
|
|
|
|
|
# they are installed on the controller through other means
|
|
|
|
|
Requires: ldns-utils
|
2021-01-27 08:28:12 -06:00
|
|
|
|
# update-crypto-policies
|
|
|
|
|
Requires: crypto-policies-scripts
|
2015-11-03 09:39:40 -06:00
|
|
|
|
Requires: python3-polib
|
2020-04-13 11:28:43 -05:00
|
|
|
|
Requires: python3-pytest >= 3.9.1
|
2015-11-03 09:39:40 -06:00
|
|
|
|
Requires: python3-pytest-multihost >= 0.5
|
|
|
|
|
Requires: python3-pytest-sourceorder
|
2020-12-02 01:51:49 -06:00
|
|
|
|
Requires: sshpass
|
|
|
|
|
%endif
|
2018-09-27 05:12:07 -05:00
|
|
|
|
Requires: python3-sssdconfig >= %{sssd_version}
|
2018-05-29 13:02:10 -05:00
|
|
|
|
Requires: tar
|
|
|
|
|
Requires: xz
|
2020-01-24 07:03:00 -06:00
|
|
|
|
Requires: openssh-clients
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if 0%{?rhel}
|
|
|
|
|
AutoReqProv: no
|
|
|
|
|
%endif
|
2015-11-03 09:39:40 -06:00
|
|
|
|
|
|
|
|
|
%description -n python3-ipatests
|
|
|
|
|
IPA is an integrated solution to provide centrally managed Identity (users,
|
|
|
|
|
hosts, services), Authentication (SSO, 2FA), and Authorization
|
|
|
|
|
(host access control, SELinux user roles, services). The solution provides
|
|
|
|
|
features for further integration with Linux based clients (SUDO, automount)
|
|
|
|
|
and integration with Active Directory based infrastructures (Trusts).
|
|
|
|
|
This package contains tests that verify IPA functionality under Python 3.
|
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# with ipatests
|
2019-07-16 05:45:48 -05:00
|
|
|
|
%endif
|
2013-05-21 06:40:27 -05:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
|
|
|
|
|
%if %{with selinux}
|
2020-02-14 10:43:36 -06:00
|
|
|
|
# SELinux subpackage
|
|
|
|
|
%package selinux
|
|
|
|
|
Summary: FreeIPA SELinux policy
|
|
|
|
|
BuildArch: noarch
|
|
|
|
|
Requires: selinux-policy-%{selinuxtype}
|
|
|
|
|
Requires(post): selinux-policy-%{selinuxtype}
|
|
|
|
|
%{?selinux_requires}
|
|
|
|
|
|
|
|
|
|
%description selinux
|
2020-12-02 01:51:49 -06:00
|
|
|
|
Custom SELinux policy module for FreeIPA
|
|
|
|
|
# with selinux
|
2020-02-14 10:43:36 -06:00
|
|
|
|
%endif
|
2013-05-21 06:40:27 -05:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%prep
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# Update timestamps on the files touched by a patch, to avoid non-equal
|
|
|
|
|
# .pyc/.pyo files across the multilib peers within a build, where "Level"
|
|
|
|
|
# is the patch prefix option (e.g. -p1)
|
|
|
|
|
# Taken from specfile for sssd and python-simplejson
|
|
|
|
|
UpdateTimestamps() {
|
|
|
|
|
Level=$1
|
|
|
|
|
PatchFile=$2
|
|
|
|
|
|
|
|
|
|
# Locate the affected files:
|
|
|
|
|
for f in $(diffstat $Level -l $PatchFile); do
|
|
|
|
|
# Set the files to have the same timestamp as that of the patch:
|
|
|
|
|
touch -c -r $PatchFile $f
|
|
|
|
|
done
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
%setup -n freeipa-%{version}%{?rc_version} -q
|
|
|
|
|
|
|
|
|
|
# To allow proper application patches to the stripped po files, strip originals
|
|
|
|
|
pushd po
|
|
|
|
|
for i in *.po ; do
|
|
|
|
|
msgattrib --translated --no-fuzzy --no-location -s $i > $i.tmp || exit 1
|
|
|
|
|
mv $i.tmp $i || exit 1
|
|
|
|
|
done
|
|
|
|
|
popd
|
|
|
|
|
|
|
|
|
|
for p in %patches ; do
|
|
|
|
|
%__patch -p1 -i $p
|
|
|
|
|
UpdateTimestamps -p1 $p
|
|
|
|
|
done
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%build
|
2016-11-10 08:24:50 -06:00
|
|
|
|
# PATH is workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1005235
|
|
|
|
|
export PATH=/usr/bin:/usr/sbin:$PATH
|
2017-08-31 03:45:31 -05:00
|
|
|
|
|
2016-11-24 10:35:24 -06:00
|
|
|
|
export PYTHON=%{__python3}
|
2018-09-04 08:24:21 -05:00
|
|
|
|
autoreconf -ivf
|
2017-01-11 08:02:09 -06:00
|
|
|
|
%configure --with-vendor-suffix=-%{release} \
|
2017-03-15 01:48:29 -05:00
|
|
|
|
%{enable_server_option} \
|
2017-03-15 03:30:14 -05:00
|
|
|
|
%{with_ipatests_option} \
|
2020-05-31 18:53:25 -05:00
|
|
|
|
%{with_ipa_join_xml_option} \
|
2017-02-22 12:19:35 -06:00
|
|
|
|
%{linter_options}
|
2018-05-29 13:02:10 -05:00
|
|
|
|
|
|
|
|
|
# run build in default dir
|
|
|
|
|
# -Onone is workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1398405
|
|
|
|
|
%make_build -Onone
|
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2015-11-13 01:11:38 -06:00
|
|
|
|
%check
|
2016-10-12 10:13:36 -05:00
|
|
|
|
make %{?_smp_mflags} check VERBOSE=yes LIBDIR=%{_libdir}
|
2015-11-13 01:11:38 -06:00
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%install
|
2016-11-11 05:21:58 -06:00
|
|
|
|
# Please put as much logic as possible into make install. It allows:
|
|
|
|
|
# - easier porting to other distributions
|
|
|
|
|
# - rapid devel & install cycle using make install
|
|
|
|
|
# (instead of full RPM build and installation each time)
|
|
|
|
|
#
|
|
|
|
|
# All files and directories created by spec install should be marked as ghost.
|
|
|
|
|
# (These are typically configuration files created by IPA installer.)
|
|
|
|
|
# All other artifacts should be created by make install.
|
2015-11-03 09:39:40 -06:00
|
|
|
|
|
2018-08-23 07:54:28 -05:00
|
|
|
|
%make_install
|
|
|
|
|
|
2020-04-08 04:54:28 -05:00
|
|
|
|
# don't package ipasphinx for now
|
|
|
|
|
rm -rf %{buildroot}%{python3_sitelib}/ipasphinx*
|
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if %{with ipatests}
|
2015-11-03 09:39:40 -06:00
|
|
|
|
mv %{buildroot}%{_bindir}/ipa-run-tests %{buildroot}%{_bindir}/ipa-run-tests-%{python3_version}
|
|
|
|
|
mv %{buildroot}%{_bindir}/ipa-test-config %{buildroot}%{_bindir}/ipa-test-config-%{python3_version}
|
|
|
|
|
mv %{buildroot}%{_bindir}/ipa-test-task %{buildroot}%{_bindir}/ipa-test-task-%{python3_version}
|
2018-05-29 13:02:10 -05:00
|
|
|
|
ln -rs %{buildroot}%{_bindir}/ipa-run-tests-%{python3_version} %{buildroot}%{_bindir}/ipa-run-tests-3
|
|
|
|
|
ln -rs %{buildroot}%{_bindir}/ipa-test-config-%{python3_version} %{buildroot}%{_bindir}/ipa-test-config-3
|
|
|
|
|
ln -rs %{buildroot}%{_bindir}/ipa-test-task-%{python3_version} %{buildroot}%{_bindir}/ipa-test-task-3
|
|
|
|
|
ln -frs %{buildroot}%{_bindir}/ipa-run-tests-%{python3_version} %{buildroot}%{_bindir}/ipa-run-tests
|
|
|
|
|
ln -frs %{buildroot}%{_bindir}/ipa-test-config-%{python3_version} %{buildroot}%{_bindir}/ipa-test-config
|
|
|
|
|
ln -frs %{buildroot}%{_bindir}/ipa-test-task-%{python3_version} %{buildroot}%{_bindir}/ipa-test-task
|
2019-07-16 05:45:48 -05:00
|
|
|
|
# with_ipatests
|
|
|
|
|
%endif
|
2015-11-03 09:39:40 -06:00
|
|
|
|
|
2016-11-24 10:35:24 -06:00
|
|
|
|
# remove files which are useful only for make uninstall
|
|
|
|
|
find %{buildroot} -wholename '*/site-packages/*/install_files.txt' -exec rm {} \;
|
2016-06-14 04:41:25 -05:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if 0%{?rhel}
|
|
|
|
|
# RHEL spec file only: START
|
|
|
|
|
# Moved branding logos and background to redhat-logos-ipa-80.4:
|
|
|
|
|
# header-logo.png, login-screen-background.jpg, login-screen-logo.png,
|
|
|
|
|
# product-name.png
|
|
|
|
|
rm -f %{buildroot}%{_usr}/share/ipa/ui/images/header-logo.png
|
|
|
|
|
rm -f %{buildroot}%{_usr}/share/ipa/ui/images/login-screen-background.jpg
|
|
|
|
|
rm -f %{buildroot}%{_usr}/share/ipa/ui/images/login-screen-logo.png
|
|
|
|
|
rm -f %{buildroot}%{_usr}/share/ipa/ui/images/product-name.png
|
|
|
|
|
%endif
|
|
|
|
|
# RHEL spec file only: END
|
|
|
|
|
|
2010-02-09 12:14:25 -06:00
|
|
|
|
%find_lang %{gettext_domain}
|
|
|
|
|
|
2009-10-12 15:00:00 -05:00
|
|
|
|
%if ! %{ONLY_CLIENT}
|
2009-02-02 12:50:53 -06:00
|
|
|
|
# Remove .la files from libtool - we don't want to package
|
|
|
|
|
# these files
|
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_pwd_extop.la
|
2009-09-14 16:04:08 -05:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_enrollment_extop.la
|
2009-02-02 12:50:53 -06:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_winsync.la
|
2010-06-24 09:31:52 -05:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_repl_version.la
|
2010-10-15 09:49:29 -05:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_uuid.la
|
2010-10-19 16:11:31 -05:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_modrdn.la
|
2011-01-18 13:58:58 -06:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_lockout.la
|
2011-11-09 18:03:48 -06:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_cldap.la
|
2013-03-08 11:54:58 -06:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_dns.la
|
2012-06-21 05:54:34 -05:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_sidgen.la
|
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_sidgen_task.la
|
2011-11-30 06:29:10 -06:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_extdom_extop.la
|
2012-06-18 14:25:31 -05:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_range_check.la
|
2014-09-10 16:31:37 -05:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_otp_counter.la
|
2013-12-16 15:19:08 -06:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libipa_otp_lasttoken.la
|
2015-05-20 10:28:39 -05:00
|
|
|
|
rm %{buildroot}/%{plugin_dir}/libtopology.la
|
2011-05-19 15:24:57 -05:00
|
|
|
|
rm %{buildroot}/%{_libdir}/krb5/plugins/kdb/ipadb.la
|
2011-10-25 03:33:30 -05:00
|
|
|
|
rm %{buildroot}/%{_libdir}/samba/pdb/ipasam.la
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
2009-05-14 08:29:16 -05:00
|
|
|
|
# So we can own our Apache configuration
|
2011-01-25 10:03:40 -06:00
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/httpd/conf.d/
|
|
|
|
|
/bin/touch %{buildroot}%{_sysconfdir}/httpd/conf.d/ipa.conf
|
2015-06-23 10:01:00 -05:00
|
|
|
|
/bin/touch %{buildroot}%{_sysconfdir}/httpd/conf.d/ipa-kdc-proxy.conf
|
2011-08-17 14:36:18 -05:00
|
|
|
|
/bin/touch %{buildroot}%{_sysconfdir}/httpd/conf.d/ipa-pki-proxy.conf
|
2011-01-25 10:03:40 -06:00
|
|
|
|
/bin/touch %{buildroot}%{_sysconfdir}/httpd/conf.d/ipa-rewrite.conf
|
2012-01-31 11:32:47 -06:00
|
|
|
|
/bin/touch %{buildroot}%{_usr}/share/ipa/html/ca.crt
|
|
|
|
|
/bin/touch %{buildroot}%{_usr}/share/ipa/html/krb.con
|
|
|
|
|
/bin/touch %{buildroot}%{_usr}/share/ipa/html/krb5.ini
|
|
|
|
|
/bin/touch %{buildroot}%{_usr}/share/ipa/html/krbrealm.con
|
2012-02-06 12:15:06 -06:00
|
|
|
|
|
2012-10-10 01:46:08 -05:00
|
|
|
|
mkdir -p %{buildroot}%{_libdir}/krb5/plugins/libkrb5
|
|
|
|
|
touch %{buildroot}%{_libdir}/krb5/plugins/libkrb5/winbind_krb5_locator.so
|
|
|
|
|
|
2019-07-16 05:45:48 -05:00
|
|
|
|
# ONLY_CLIENT
|
|
|
|
|
%endif
|
2010-12-04 14:42:14 -06:00
|
|
|
|
|
2011-01-25 10:03:40 -06:00
|
|
|
|
/bin/touch %{buildroot}%{_sysconfdir}/ipa/default.conf
|
2012-01-31 11:32:47 -06:00
|
|
|
|
/bin/touch %{buildroot}%{_sysconfdir}/ipa/ca.crt
|
2014-09-17 04:52:37 -05:00
|
|
|
|
|
|
|
|
|
%if ! %{ONLY_CLIENT}
|
2011-02-01 13:24:46 -06:00
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/cron.d
|
2019-07-16 05:45:48 -05:00
|
|
|
|
# ONLY_CLIENT
|
|
|
|
|
%endif
|
2012-06-12 07:58:50 -05:00
|
|
|
|
|
2009-10-12 15:00:00 -05:00
|
|
|
|
%if ! %{ONLY_CLIENT}
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%post server
|
2012-11-14 09:45:41 -06:00
|
|
|
|
# NOTE: systemd specific section
|
2011-10-21 08:44:36 -05:00
|
|
|
|
/bin/systemctl --system daemon-reload 2>&1 || :
|
2012-11-14 09:45:41 -06:00
|
|
|
|
# END
|
2011-03-18 10:19:53 -05:00
|
|
|
|
if [ $1 -gt 1 ] ; then
|
2013-01-24 15:14:31 -06:00
|
|
|
|
/bin/systemctl condrestart certmonger.service 2>&1 || :
|
2011-03-18 10:19:53 -05:00
|
|
|
|
fi
|
2015-12-09 01:18:21 -06:00
|
|
|
|
/bin/systemctl reload-or-try-restart dbus
|
|
|
|
|
/bin/systemctl reload-or-try-restart oddjobd
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
2017-07-11 07:10:28 -05:00
|
|
|
|
%tmpfiles_create ipa.conf
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2011-11-23 15:52:40 -06:00
|
|
|
|
%posttrans server
|
2016-03-01 11:56:28 -06:00
|
|
|
|
# don't execute upgrade and restart of IPA when server is not installed
|
2020-07-08 09:16:17 -05:00
|
|
|
|
%{__python3} -c "import sys; from ipalib import facts; sys.exit(0 if facts.is_ipa_configured() else 1);" > /dev/null 2>&1
|
2016-03-01 11:56:28 -06:00
|
|
|
|
|
2013-07-11 09:35:26 -05:00
|
|
|
|
if [ $? -eq 0 ]; then
|
2017-06-26 07:21:41 -05:00
|
|
|
|
# This is necessary for Fedora system upgrades which by default
|
|
|
|
|
# work with the network being offline
|
|
|
|
|
/bin/systemctl start network-online.target
|
|
|
|
|
|
2016-03-01 11:56:28 -06:00
|
|
|
|
# Restart IPA processes. This must be also run in postrans so that plugins
|
2017-11-01 10:53:19 -05:00
|
|
|
|
# and software is in consistent state. This will also perform the
|
|
|
|
|
# system upgrade.
|
2016-03-01 11:56:28 -06:00
|
|
|
|
# NOTE: systemd specific section
|
|
|
|
|
|
2014-06-17 09:12:47 -05:00
|
|
|
|
/bin/systemctl is-enabled ipa.service >/dev/null 2>&1
|
|
|
|
|
if [ $? -eq 0 ]; then
|
2017-11-01 10:53:19 -05:00
|
|
|
|
/bin/systemctl restart ipa.service >/dev/null
|
2014-06-17 09:12:47 -05:00
|
|
|
|
fi
|
2020-11-19 20:03:20 -06:00
|
|
|
|
|
|
|
|
|
/bin/systemctl is-enabled ipa-ccache-sweep.timer >/dev/null 2>&1
|
|
|
|
|
if [ $? -eq 1 ]; then
|
|
|
|
|
/bin/systemctl enable ipa-ccache-sweep.timer>/dev/null
|
|
|
|
|
fi
|
2013-07-11 09:35:26 -05:00
|
|
|
|
fi
|
|
|
|
|
# END
|
2011-11-23 15:52:40 -06:00
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%preun server
|
|
|
|
|
if [ $1 = 0 ]; then
|
2012-11-14 09:45:41 -06:00
|
|
|
|
# NOTE: systemd specific section
|
2011-10-21 08:44:36 -05:00
|
|
|
|
/bin/systemctl --quiet stop ipa.service || :
|
|
|
|
|
/bin/systemctl --quiet disable ipa.service || :
|
2015-12-09 01:18:21 -06:00
|
|
|
|
/bin/systemctl reload-or-try-restart dbus
|
|
|
|
|
/bin/systemctl reload-or-try-restart oddjobd
|
2012-11-14 09:45:41 -06:00
|
|
|
|
# END
|
2009-02-02 12:50:53 -06:00
|
|
|
|
fi
|
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2012-02-13 08:16:26 -06:00
|
|
|
|
%pre server
|
|
|
|
|
# Stop ipa_kpasswd if it exists before upgrading so we don't have a
|
|
|
|
|
# zombie process when we're done.
|
|
|
|
|
if [ -e /usr/sbin/ipa_kpasswd ]; then
|
2012-11-14 09:45:41 -06:00
|
|
|
|
# NOTE: systemd specific section
|
2012-02-13 08:16:26 -06:00
|
|
|
|
/bin/systemctl stop ipa_kpasswd.service >/dev/null 2>&1 || :
|
2012-11-14 09:45:41 -06:00
|
|
|
|
# END
|
2012-02-13 08:16:26 -06:00
|
|
|
|
fi
|
|
|
|
|
|
2018-04-25 04:33:57 -05:00
|
|
|
|
|
|
|
|
|
%pre server-common
|
2017-04-11 04:43:40 -05:00
|
|
|
|
# create users and groups
|
|
|
|
|
# create kdcproxy group and user
|
|
|
|
|
getent group kdcproxy >/dev/null || groupadd -f -r kdcproxy
|
|
|
|
|
getent passwd kdcproxy >/dev/null || useradd -r -g kdcproxy -s /sbin/nologin -d / -c "IPA KDC Proxy User" kdcproxy
|
|
|
|
|
# create ipaapi group and user
|
|
|
|
|
getent group ipaapi >/dev/null || groupadd -f -r ipaapi
|
|
|
|
|
getent passwd ipaapi >/dev/null || useradd -r -g ipaapi -s /sbin/nologin -d / -c "IPA Framework User" ipaapi
|
|
|
|
|
# add apache to ipaaapi group
|
|
|
|
|
id -Gn apache | grep '\bipaapi\b' >/dev/null || usermod apache -a -G ipaapi
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2018-02-22 08:45:13 -06:00
|
|
|
|
|
|
|
|
|
%post server-dns
|
|
|
|
|
%systemd_post ipa-dnskeysyncd.service ipa-ods-exporter.socket ipa-ods-exporter.service
|
|
|
|
|
|
|
|
|
|
%preun server-dns
|
|
|
|
|
%systemd_preun ipa-dnskeysyncd.service ipa-ods-exporter.socket ipa-ods-exporter.service
|
|
|
|
|
|
|
|
|
|
%postun server-dns
|
|
|
|
|
%systemd_postun ipa-dnskeysyncd.service ipa-ods-exporter.socket ipa-ods-exporter.service
|
|
|
|
|
|
|
|
|
|
|
2012-10-10 01:46:08 -05:00
|
|
|
|
%postun server-trust-ad
|
|
|
|
|
if [ "$1" -ge "1" ]; then
|
2013-08-13 03:56:26 -05:00
|
|
|
|
if [ "`readlink %{_sysconfdir}/alternatives/winbind_krb5_locator.so`" == "/dev/null" ]; then
|
|
|
|
|
%{_sbindir}/alternatives --set winbind_krb5_locator.so /dev/null
|
|
|
|
|
fi
|
2012-10-10 01:46:08 -05:00
|
|
|
|
fi
|
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2012-10-10 01:46:08 -05:00
|
|
|
|
%post server-trust-ad
|
|
|
|
|
%{_sbindir}/update-alternatives --install %{_libdir}/krb5/plugins/libkrb5/winbind_krb5_locator.so \
|
2013-08-13 03:56:26 -05:00
|
|
|
|
winbind_krb5_locator.so /dev/null 90
|
2015-06-05 07:57:02 -05:00
|
|
|
|
/bin/systemctl reload-or-try-restart dbus
|
|
|
|
|
/bin/systemctl reload-or-try-restart oddjobd
|
2013-07-11 09:35:26 -05:00
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2013-07-11 09:35:26 -05:00
|
|
|
|
%posttrans server-trust-ad
|
2020-07-08 09:16:17 -05:00
|
|
|
|
%{__python3} -c "import sys; from ipalib import facts; sys.exit(0 if facts.is_ipa_configured() else 1);" > /dev/null 2>&1
|
2012-10-26 06:12:17 -05:00
|
|
|
|
if [ $? -eq 0 ]; then
|
2012-11-14 09:45:41 -06:00
|
|
|
|
# NOTE: systemd specific section
|
2012-10-26 06:12:17 -05:00
|
|
|
|
/bin/systemctl try-restart httpd.service >/dev/null 2>&1 || :
|
2012-11-14 09:45:41 -06:00
|
|
|
|
# END
|
2012-10-26 06:12:17 -05:00
|
|
|
|
fi
|
2012-10-10 01:46:08 -05:00
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2012-10-10 01:46:08 -05:00
|
|
|
|
%preun server-trust-ad
|
|
|
|
|
if [ $1 -eq 0 ]; then
|
2013-08-13 03:56:26 -05:00
|
|
|
|
%{_sbindir}/update-alternatives --remove winbind_krb5_locator.so /dev/null
|
2015-06-05 07:57:02 -05:00
|
|
|
|
/bin/systemctl reload-or-try-restart dbus
|
|
|
|
|
/bin/systemctl reload-or-try-restart oddjobd
|
2012-10-10 01:46:08 -05:00
|
|
|
|
fi
|
2013-12-03 10:14:00 -06:00
|
|
|
|
|
2019-07-16 05:45:48 -05:00
|
|
|
|
# ONLY_CLIENT
|
|
|
|
|
%endif
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
2020-06-11 04:17:25 -05:00
|
|
|
|
%preun client-epn
|
|
|
|
|
%systemd_preun ipa-epn.service
|
|
|
|
|
%systemd_preun ipa-epn.timer
|
|
|
|
|
|
|
|
|
|
%postun client-epn
|
|
|
|
|
%systemd_postun ipa-epn.service
|
|
|
|
|
%systemd_postun ipa-epn.timer
|
|
|
|
|
|
|
|
|
|
%post client-epn
|
|
|
|
|
%systemd_post ipa-epn.service
|
|
|
|
|
%systemd_post ipa-epn.timer
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2012-10-31 04:15:28 -05:00
|
|
|
|
%post client
|
|
|
|
|
if [ $1 -gt 1 ] ; then
|
|
|
|
|
# Has the client been configured?
|
|
|
|
|
restore=0
|
|
|
|
|
test -f '/var/lib/ipa-client/sysrestore/sysrestore.index' && restore=$(wc -l '/var/lib/ipa-client/sysrestore/sysrestore.index' | awk '{print $1}')
|
|
|
|
|
|
|
|
|
|
if [ -f '/etc/sssd/sssd.conf' -a $restore -ge 2 ]; then
|
2013-08-13 03:56:26 -05:00
|
|
|
|
if ! grep -E -q '/var/lib/sss/pubconf/krb5.include.d/' /etc/krb5.conf 2>/dev/null ; then
|
2012-10-31 04:15:28 -05:00
|
|
|
|
echo "includedir /var/lib/sss/pubconf/krb5.include.d/" > /etc/krb5.conf.ipanew
|
|
|
|
|
cat /etc/krb5.conf >> /etc/krb5.conf.ipanew
|
2015-07-17 09:12:07 -05:00
|
|
|
|
mv -Z /etc/krb5.conf.ipanew /etc/krb5.conf
|
2012-10-31 04:15:28 -05:00
|
|
|
|
fi
|
|
|
|
|
fi
|
2014-01-24 03:16:48 -06:00
|
|
|
|
|
2017-05-03 01:48:57 -05:00
|
|
|
|
if [ $restore -ge 2 ]; then
|
|
|
|
|
if grep -E -q '\s*pkinit_anchors = FILE:/etc/ipa/ca.crt$' /etc/krb5.conf 2>/dev/null; then
|
|
|
|
|
sed -E 's|(\s*)pkinit_anchors = FILE:/etc/ipa/ca.crt$|\1pkinit_anchors = FILE:/var/lib/ipa-client/pki/kdc-ca-bundle.pem\n\1pkinit_pool = FILE:/var/lib/ipa-client/pki/ca-bundle.pem|' /etc/krb5.conf >/etc/krb5.conf.ipanew
|
|
|
|
|
mv -Z /etc/krb5.conf.ipanew /etc/krb5.conf
|
|
|
|
|
cp /etc/ipa/ca.crt /var/lib/ipa-client/pki/kdc-ca-bundle.pem
|
|
|
|
|
cp /etc/ipa/ca.crt /var/lib/ipa-client/pki/ca-bundle.pem
|
|
|
|
|
fi
|
2018-07-20 13:08:14 -05:00
|
|
|
|
|
|
|
|
|
%{__python3} -c 'from ipaclient.install.client import configure_krb5_snippet; configure_krb5_snippet()' >>/var/log/ipaupgrade.log 2>&1
|
2018-08-23 07:54:28 -05:00
|
|
|
|
%{__python3} -c 'from ipaclient.install.client import update_ipa_nssdb; update_ipa_nssdb()' >>/var/log/ipaupgrade.log 2>&1
|
2020-08-11 09:38:28 -05:00
|
|
|
|
SSH_CLIENT_SYSTEM_CONF="/etc/ssh/ssh_config"
|
|
|
|
|
if [ -f "$SSH_CLIENT_SYSTEM_CONF" ]; then
|
|
|
|
|
sed -E --in-place=.orig 's/^(HostKeyAlgorithms ssh-rsa,ssh-dss)$/# disabled by ipa-client update\n# \1/' "$SSH_CLIENT_SYSTEM_CONF"
|
|
|
|
|
fi
|
2019-11-12 02:51:02 -06:00
|
|
|
|
fi
|
2012-10-31 04:15:28 -05:00
|
|
|
|
fi
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if %{with selinux}
|
2020-02-14 10:43:36 -06:00
|
|
|
|
# SELinux contexts are saved so that only affected files can be
|
|
|
|
|
# relabeled after the policy module installation
|
|
|
|
|
%pre selinux
|
|
|
|
|
%selinux_relabel_pre -s %{selinuxtype}
|
|
|
|
|
|
|
|
|
|
%post selinux
|
2020-03-23 12:22:41 -05:00
|
|
|
|
semodule -d ipa_custodia &> /dev/null || true;
|
2020-02-14 10:43:36 -06:00
|
|
|
|
%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/%{modulename}.pp.bz2
|
|
|
|
|
|
|
|
|
|
%postun selinux
|
|
|
|
|
if [ $1 -eq 0 ]; then
|
|
|
|
|
%selinux_modules_uninstall -s %{selinuxtype} %{modulename}
|
2020-03-23 12:22:41 -05:00
|
|
|
|
semodule -e ipa_custodia &> /dev/null || true;
|
2020-02-14 10:43:36 -06:00
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
%posttrans selinux
|
|
|
|
|
%selinux_relabel_post -s %{selinuxtype}
|
|
|
|
|
# with_selinux
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
|
2020-06-19 03:43:56 -05:00
|
|
|
|
%triggerin client -- openssh-server < 8.2
|
2013-04-18 11:06:54 -05:00
|
|
|
|
# Has the client been configured?
|
|
|
|
|
restore=0
|
|
|
|
|
test -f '/var/lib/ipa-client/sysrestore/sysrestore.index' && restore=$(wc -l '/var/lib/ipa-client/sysrestore/sysrestore.index' | awk '{print $1}')
|
|
|
|
|
|
|
|
|
|
if [ -f '/etc/ssh/sshd_config' -a $restore -ge 2 ]; then
|
2013-08-13 03:56:26 -05:00
|
|
|
|
if grep -E -q '^(AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys|PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u)$' /etc/ssh/sshd_config 2>/dev/null; then
|
2013-04-18 11:06:54 -05:00
|
|
|
|
sed -r '
|
|
|
|
|
/^(AuthorizedKeysCommand(User|RunAs)|PubKeyAgentRunAs)[ \t]/ d
|
|
|
|
|
' /etc/ssh/sshd_config >/etc/ssh/sshd_config.ipanew
|
|
|
|
|
|
2016-08-11 08:39:35 -05:00
|
|
|
|
if /usr/sbin/sshd -t -f /dev/null -o 'AuthorizedKeysCommand=/usr/bin/sss_ssh_authorizedkeys' -o 'AuthorizedKeysCommandUser=nobody' 2>/dev/null; then
|
2013-04-18 11:06:54 -05:00
|
|
|
|
sed -ri '
|
|
|
|
|
s/^PubKeyAgent (.+) %u$/AuthorizedKeysCommand \1/
|
|
|
|
|
s/^AuthorizedKeysCommand .*$/\0\nAuthorizedKeysCommandUser nobody/
|
|
|
|
|
' /etc/ssh/sshd_config.ipanew
|
2016-08-11 08:39:35 -05:00
|
|
|
|
elif /usr/sbin/sshd -t -f /dev/null -o 'AuthorizedKeysCommand=/usr/bin/sss_ssh_authorizedkeys' -o 'AuthorizedKeysCommandRunAs=nobody' 2>/dev/null; then
|
2013-04-18 11:06:54 -05:00
|
|
|
|
sed -ri '
|
|
|
|
|
s/^PubKeyAgent (.+) %u$/AuthorizedKeysCommand \1/
|
|
|
|
|
s/^AuthorizedKeysCommand .*$/\0\nAuthorizedKeysCommandRunAs nobody/
|
|
|
|
|
' /etc/ssh/sshd_config.ipanew
|
2016-08-11 08:39:35 -05:00
|
|
|
|
elif /usr/sbin/sshd -t -f /dev/null -o 'PubKeyAgent=/usr/bin/sss_ssh_authorizedkeys %u' -o 'PubKeyAgentRunAs=nobody' 2>/dev/null; then
|
2013-04-18 11:06:54 -05:00
|
|
|
|
sed -ri '
|
|
|
|
|
s/^AuthorizedKeysCommand (.+)$/PubKeyAgent \1 %u/
|
|
|
|
|
s/^PubKeyAgent .*$/\0\nPubKeyAgentRunAs nobody/
|
|
|
|
|
' /etc/ssh/sshd_config.ipanew
|
|
|
|
|
fi
|
|
|
|
|
|
2015-07-17 09:12:07 -05:00
|
|
|
|
mv -Z /etc/ssh/sshd_config.ipanew /etc/ssh/sshd_config
|
2013-04-18 11:06:54 -05:00
|
|
|
|
chmod 600 /etc/ssh/sshd_config
|
|
|
|
|
|
|
|
|
|
/bin/systemctl condrestart sshd.service 2>&1 || :
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2020-06-19 03:43:56 -05:00
|
|
|
|
%triggerin client -- openssh-server >= 8.2
|
|
|
|
|
# Has the client been configured?
|
|
|
|
|
restore=0
|
|
|
|
|
test -f '/var/lib/ipa-client/sysrestore/sysrestore.index' && restore=$(wc -l '/var/lib/ipa-client/sysrestore/sysrestore.index' | awk '{print $1}')
|
|
|
|
|
|
|
|
|
|
if [ -f '/etc/ssh/sshd_config' -a $restore -ge 2 ]; then
|
|
|
|
|
# If the snippet already exists, skip
|
|
|
|
|
if [ ! -f '/etc/ssh/sshd_config.d/04-ipa.conf' ]; then
|
|
|
|
|
# Take the values from /etc/ssh/sshd_config and put them in 04-ipa.conf
|
|
|
|
|
grep -E '^(PubkeyAuthentication|KerberosAuthentication|GSSAPIAuthentication|UsePAM|ChallengeResponseAuthentication|AuthorizedKeysCommand|AuthorizedKeysCommandUser)' /etc/ssh/sshd_config 2>/dev/null > /etc/ssh/sshd_config.d/04-ipa.conf
|
|
|
|
|
# Remove the values from sshd_conf
|
|
|
|
|
sed -ri '
|
|
|
|
|
/^(PubkeyAuthentication|KerberosAuthentication|GSSAPIAuthentication|UsePAM|ChallengeResponseAuthentication|AuthorizedKeysCommand|AuthorizedKeysCommandUser)[ \t]/ d
|
|
|
|
|
' /etc/ssh/sshd_config
|
|
|
|
|
|
|
|
|
|
/bin/systemctl condrestart sshd.service 2>&1 || :
|
|
|
|
|
fi
|
2020-10-12 02:51:16 -05:00
|
|
|
|
# If the snippet has been created, ensure that it is included
|
|
|
|
|
# either by /etc/ssh/sshd_config.d/*.conf or directly
|
|
|
|
|
if [ -f '/etc/ssh/sshd_config.d/04-ipa.conf' ]; then
|
|
|
|
|
if ! grep -E -q '^\s*Include\s*/etc/ssh/sshd_config.d/\*\.conf' /etc/ssh/sshd_config 2> /dev/null ; then
|
|
|
|
|
if ! grep -E -q '^\s*Include\s*/etc/ssh/sshd_config.d/04-ipa\.conf' /etc/ssh/sshd_config 2> /dev/null ; then
|
|
|
|
|
# Include the snippet
|
|
|
|
|
echo "Include /etc/ssh/sshd_config.d/04-ipa.conf" > /etc/ssh/sshd_config.ipanew
|
|
|
|
|
cat /etc/ssh/sshd_config >> /etc/ssh/sshd_config.ipanew
|
|
|
|
|
mv -fZ --backup=existing --suffix .ipaold /etc/ssh/sshd_config.ipanew /etc/ssh/sshd_config
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
fi
|
2020-06-19 03:43:56 -05:00
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
2009-10-12 15:00:00 -05:00
|
|
|
|
%if ! %{ONLY_CLIENT}
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
|
|
|
|
%files server
|
2017-02-28 12:04:03 -06:00
|
|
|
|
%doc README.md Contributors.txt
|
2015-08-17 09:14:05 -05:00
|
|
|
|
%license COPYING
|
2013-03-13 08:36:41 -05:00
|
|
|
|
%{_sbindir}/ipa-backup
|
|
|
|
|
%{_sbindir}/ipa-restore
|
2011-06-17 15:47:39 -05:00
|
|
|
|
%{_sbindir}/ipa-ca-install
|
2014-03-18 10:23:30 -05:00
|
|
|
|
%{_sbindir}/ipa-kra-install
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%{_sbindir}/ipa-server-install
|
2011-05-22 12:17:07 -05:00
|
|
|
|
%{_sbindir}/ipa-replica-conncheck
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%{_sbindir}/ipa-replica-install
|
|
|
|
|
%{_sbindir}/ipa-replica-manage
|
2011-07-14 22:35:01 -05:00
|
|
|
|
%{_sbindir}/ipa-csreplica-manage
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%{_sbindir}/ipa-server-certinstall
|
2015-04-02 07:14:15 -05:00
|
|
|
|
%{_sbindir}/ipa-server-upgrade
|
2011-02-11 13:05:20 -06:00
|
|
|
|
%{_sbindir}/ipa-ldap-updater
|
2014-05-08 10:06:16 -05:00
|
|
|
|
%{_sbindir}/ipa-otptoken-import
|
2011-02-11 13:05:20 -06:00
|
|
|
|
%{_sbindir}/ipa-compat-manage
|
|
|
|
|
%{_sbindir}/ipa-nis-manage
|
2011-09-20 11:13:42 -05:00
|
|
|
|
%{_sbindir}/ipa-managed-entries
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%{_sbindir}/ipactl
|
2013-06-10 07:43:24 -05:00
|
|
|
|
%{_sbindir}/ipa-advise
|
2014-03-13 04:28:27 -05:00
|
|
|
|
%{_sbindir}/ipa-cacert-manage
|
2015-04-29 01:16:12 -05:00
|
|
|
|
%{_sbindir}/ipa-winsync-migrate
|
2017-06-05 07:41:02 -05:00
|
|
|
|
%{_sbindir}/ipa-pkinit-manage
|
2019-02-22 10:19:22 -06:00
|
|
|
|
%{_sbindir}/ipa-crlgen-manage
|
2019-03-22 00:53:53 -05:00
|
|
|
|
%{_sbindir}/ipa-cert-fix
|
2020-06-02 05:34:17 -05:00
|
|
|
|
%{_sbindir}/ipa-acme-manage
|
2013-10-16 02:26:39 -05:00
|
|
|
|
%{_libexecdir}/certmonger/dogtag-ipa-ca-renew-agent-submit
|
2015-01-08 03:06:46 -06:00
|
|
|
|
%{_libexecdir}/certmonger/ipa-server-guard
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%dir %{_libexecdir}/ipa
|
2020-11-19 15:29:05 -06:00
|
|
|
|
%{_libexecdir}/ipa/ipa-ccache-sweeper
|
2017-02-28 05:07:19 -06:00
|
|
|
|
%{_libexecdir}/ipa/ipa-custodia
|
2017-08-01 04:33:32 -05:00
|
|
|
|
%{_libexecdir}/ipa/ipa-custodia-check
|
2015-06-23 10:01:00 -05:00
|
|
|
|
%{_libexecdir}/ipa/ipa-httpd-kdcproxy
|
2018-02-26 03:15:05 -06:00
|
|
|
|
%{_libexecdir}/ipa/ipa-httpd-pwdreader
|
2016-05-31 17:07:33 -05:00
|
|
|
|
%{_libexecdir}/ipa/ipa-pki-retrieve-key
|
2019-04-17 00:45:18 -05:00
|
|
|
|
%{_libexecdir}/ipa/ipa-pki-wait-running
|
2016-09-29 17:00:02 -05:00
|
|
|
|
%{_libexecdir}/ipa/ipa-otpd
|
2020-05-18 01:40:30 -05:00
|
|
|
|
%{_libexecdir}/ipa/ipa-print-pac
|
2020-03-13 05:13:50 -05:00
|
|
|
|
%dir %{_libexecdir}/ipa/custodia
|
|
|
|
|
%attr(755,root,root) %{_libexecdir}/ipa/custodia/ipa-custodia-dmldap
|
|
|
|
|
%attr(755,root,root) %{_libexecdir}/ipa/custodia/ipa-custodia-pki-tomcat
|
|
|
|
|
%attr(755,root,root) %{_libexecdir}/ipa/custodia/ipa-custodia-pki-tomcat-wrapped
|
|
|
|
|
%attr(755,root,root) %{_libexecdir}/ipa/custodia/ipa-custodia-ra-agent
|
2015-12-09 01:17:07 -06:00
|
|
|
|
%dir %{_libexecdir}/ipa/oddjob
|
2015-12-09 01:18:21 -06:00
|
|
|
|
%attr(0755,root,root) %{_libexecdir}/ipa/oddjob/org.freeipa.server.conncheck
|
ipa-adtrust-install: run remote configuration for new agents
When ipa-adtrust-install is run, the tool detects masters that are
not enabled as trust agents and propose to configure them. With the
current code, the Schema Compat plugin is not enabled on these new
trust agents and a manual restart of LDAP server + SSSD is required.
With this commit, ipa-adtrust-install now calls remote code on the new
agents through JSON RPC api, in order to configure the missing parts.
On the remote agent, the command is using DBus and oddjob to launch
a new command,
/usr/libexec/ipa/oddjob/org.freeipa.server.trust-enable-agent [--enable-compat]
This command configures the Schema Compat plugin if --enable-compat is
provided, then restarts LDAP server and SSSD.
If the remote agent is an older version and does not support remote
enablement, or if the remote server is not responding, the tool
ipa-adtrust-install prints a WARNING explaining the steps that need
to be manually executed in order to complete the installation, and
exits successfully (keeping the current behavior).
Fixes: https://pagure.io/freeipa/issue/7600
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Sergey Orlov <sorlov@redhat.com>
2020-02-18 09:24:32 -06:00
|
|
|
|
%attr(0755,root,root) %{_libexecdir}/ipa/oddjob/org.freeipa.server.trust-enable-agent
|
2015-12-09 01:18:21 -06:00
|
|
|
|
%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freeipa.server.conf
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/oddjobd.conf.d/ipa-server.conf
|
2016-02-23 05:10:34 -06:00
|
|
|
|
%dir %{_libexecdir}/ipa/certmonger
|
|
|
|
|
%attr(755,root,root) %{_libexecdir}/ipa/certmonger/*
|
2015-12-07 06:52:38 -06:00
|
|
|
|
# NOTE: systemd specific section
|
|
|
|
|
%attr(644,root,root) %{_unitdir}/ipa.service
|
|
|
|
|
%attr(644,root,root) %{_unitdir}/ipa-otpd.socket
|
|
|
|
|
%attr(644,root,root) %{_unitdir}/ipa-otpd@.service
|
2020-11-19 15:29:05 -06:00
|
|
|
|
%attr(644,root,root) %{_unitdir}/ipa-ccache-sweep.service
|
|
|
|
|
%attr(644,root,root) %{_unitdir}/ipa-ccache-sweep.timer
|
2015-12-07 06:52:38 -06:00
|
|
|
|
# END
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_pwd_extop.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_enrollment_extop.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_winsync.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_repl_version.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_uuid.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_modrdn.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_lockout.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_dns.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_range_check.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_otp_counter.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_otp_lasttoken.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libtopology.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_sidgen.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_sidgen_task.so
|
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_extdom_extop.so
|
|
|
|
|
%attr(755,root,root) %{_libdir}/krb5/plugins/kdb/ipadb.so
|
2016-11-04 07:36:45 -05:00
|
|
|
|
%{_mandir}/man1/ipa-replica-conncheck.1*
|
|
|
|
|
%{_mandir}/man1/ipa-replica-install.1*
|
|
|
|
|
%{_mandir}/man1/ipa-replica-manage.1*
|
|
|
|
|
%{_mandir}/man1/ipa-csreplica-manage.1*
|
|
|
|
|
%{_mandir}/man1/ipa-server-certinstall.1*
|
|
|
|
|
%{_mandir}/man1/ipa-server-install.1*
|
|
|
|
|
%{_mandir}/man1/ipa-server-upgrade.1*
|
|
|
|
|
%{_mandir}/man1/ipa-ca-install.1*
|
|
|
|
|
%{_mandir}/man1/ipa-kra-install.1*
|
|
|
|
|
%{_mandir}/man1/ipa-compat-manage.1*
|
|
|
|
|
%{_mandir}/man1/ipa-nis-manage.1*
|
|
|
|
|
%{_mandir}/man1/ipa-managed-entries.1*
|
|
|
|
|
%{_mandir}/man1/ipa-ldap-updater.1*
|
|
|
|
|
%{_mandir}/man8/ipactl.8*
|
|
|
|
|
%{_mandir}/man1/ipa-backup.1*
|
|
|
|
|
%{_mandir}/man1/ipa-restore.1*
|
|
|
|
|
%{_mandir}/man1/ipa-advise.1*
|
|
|
|
|
%{_mandir}/man1/ipa-otptoken-import.1*
|
|
|
|
|
%{_mandir}/man1/ipa-cacert-manage.1*
|
|
|
|
|
%{_mandir}/man1/ipa-winsync-migrate.1*
|
2017-06-05 07:41:02 -05:00
|
|
|
|
%{_mandir}/man1/ipa-pkinit-manage.1*
|
2019-02-22 10:19:22 -06:00
|
|
|
|
%{_mandir}/man1/ipa-crlgen-manage.1*
|
2019-03-25 00:13:38 -05:00
|
|
|
|
%{_mandir}/man1/ipa-cert-fix.1*
|
2020-06-02 05:34:17 -05:00
|
|
|
|
%{_mandir}/man1/ipa-acme-manage.1*
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2016-11-24 10:35:24 -06:00
|
|
|
|
|
|
|
|
|
%files -n python3-ipaserver
|
2017-02-28 12:04:03 -06:00
|
|
|
|
%doc README.md Contributors.txt
|
2015-12-07 06:52:38 -06:00
|
|
|
|
%license COPYING
|
2016-11-24 10:35:24 -06:00
|
|
|
|
%{python3_sitelib}/ipaserver
|
|
|
|
|
%{python3_sitelib}/ipaserver-*.egg-info
|
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
|
|
|
|
%files server-common
|
2017-02-28 12:04:03 -06:00
|
|
|
|
%doc README.md Contributors.txt
|
2015-12-07 06:52:38 -06:00
|
|
|
|
%license COPYING
|
2015-09-23 03:35:06 -05:00
|
|
|
|
%ghost %verify(not owner group) %dir %{_sharedstatedir}/kdcproxy
|
2015-07-14 06:41:46 -05:00
|
|
|
|
%dir %attr(0755,root,root) %{_sysconfdir}/ipa/kdcproxy
|
2015-06-23 10:01:00 -05:00
|
|
|
|
%config(noreplace) %{_sysconfdir}/ipa/kdcproxy/kdcproxy.conf
|
2017-07-11 07:10:28 -05:00
|
|
|
|
# NOTE: systemd specific section
|
|
|
|
|
%{_tmpfilesdir}/ipa.conf
|
2015-05-08 12:39:29 -05:00
|
|
|
|
%attr(644,root,root) %{_unitdir}/ipa-custodia.service
|
2016-03-16 03:04:42 -05:00
|
|
|
|
%ghost %attr(644,root,root) %{etc_systemd_dir}/httpd.d/ipa.conf
|
2012-11-14 09:45:41 -06:00
|
|
|
|
# END
|
2010-03-01 22:41:41 -06:00
|
|
|
|
%{_usr}/share/ipa/wsgi.py*
|
2017-03-29 10:58:47 -05:00
|
|
|
|
%{_usr}/share/ipa/kdcproxy.wsgi
|
2018-08-30 09:42:40 -05:00
|
|
|
|
%{_usr}/share/ipa/ipaca*.ini
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%{_usr}/share/ipa/*.ldif
|
2020-08-13 03:19:05 -05:00
|
|
|
|
%exclude %{_datadir}/ipa/ipa-cldap-conf.ldif
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%{_usr}/share/ipa/*.uldif
|
|
|
|
|
%{_usr}/share/ipa/*.template
|
2013-08-01 07:12:39 -05:00
|
|
|
|
%dir %{_usr}/share/ipa/advise
|
|
|
|
|
%dir %{_usr}/share/ipa/advise/legacy
|
|
|
|
|
%{_usr}/share/ipa/advise/legacy/*.template
|
2015-05-11 20:17:48 -05:00
|
|
|
|
%dir %{_usr}/share/ipa/profiles
|
2017-06-11 21:49:51 -05:00
|
|
|
|
%{_usr}/share/ipa/profiles/README
|
2015-05-11 20:17:48 -05:00
|
|
|
|
%{_usr}/share/ipa/profiles/*.cfg
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%dir %{_usr}/share/ipa/html
|
|
|
|
|
%{_usr}/share/ipa/html/ssbrowser.html
|
|
|
|
|
%{_usr}/share/ipa/html/unauthorized.html
|
2010-01-12 09:40:09 -06:00
|
|
|
|
%dir %{_usr}/share/ipa/migration
|
|
|
|
|
%{_usr}/share/ipa/migration/index.html
|
|
|
|
|
%{_usr}/share/ipa/migration/migration.py*
|
2011-01-19 11:26:14 -06:00
|
|
|
|
%dir %{_usr}/share/ipa/ui
|
|
|
|
|
%{_usr}/share/ipa/ui/index.html
|
2012-06-08 09:38:17 -05:00
|
|
|
|
%{_usr}/share/ipa/ui/reset_password.html
|
2014-06-05 11:50:03 -05:00
|
|
|
|
%{_usr}/share/ipa/ui/sync_otp.html
|
2011-08-02 12:42:42 -05:00
|
|
|
|
%{_usr}/share/ipa/ui/*.ico
|
2011-01-19 11:26:14 -06:00
|
|
|
|
%{_usr}/share/ipa/ui/*.css
|
2013-12-04 09:15:20 -06:00
|
|
|
|
%dir %{_usr}/share/ipa/ui/css
|
2013-10-10 06:41:31 -05:00
|
|
|
|
%{_usr}/share/ipa/ui/css/*.css
|
2013-11-27 07:20:22 -06:00
|
|
|
|
%dir %{_usr}/share/ipa/ui/js
|
2012-11-23 10:19:37 -06:00
|
|
|
|
%dir %{_usr}/share/ipa/ui/js/dojo
|
|
|
|
|
%{_usr}/share/ipa/ui/js/dojo/dojo.js
|
|
|
|
|
%dir %{_usr}/share/ipa/ui/js/libs
|
|
|
|
|
%{_usr}/share/ipa/ui/js/libs/*.js
|
|
|
|
|
%dir %{_usr}/share/ipa/ui/js/freeipa
|
|
|
|
|
%{_usr}/share/ipa/ui/js/freeipa/app.js
|
2014-06-05 10:12:41 -05:00
|
|
|
|
%{_usr}/share/ipa/ui/js/freeipa/core.js
|
2013-03-20 11:28:17 -05:00
|
|
|
|
%dir %{_usr}/share/ipa/ui/js/plugins
|
2011-10-26 16:06:17 -05:00
|
|
|
|
%dir %{_usr}/share/ipa/ui/images
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if 0%{?rhel}
|
|
|
|
|
%{_usr}/share/ipa/ui/images/facet-*.png
|
|
|
|
|
# Moved branding logos and background to redhat-logos-ipa-80.4:
|
|
|
|
|
# header-logo.png, login-screen-background.jpg, login-screen-logo.png,
|
|
|
|
|
# product-name.png
|
|
|
|
|
%else
|
2013-11-13 09:02:48 -06:00
|
|
|
|
%{_usr}/share/ipa/ui/images/*.jpg
|
2011-10-26 16:06:17 -05:00
|
|
|
|
%{_usr}/share/ipa/ui/images/*.png
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%endif
|
2013-04-23 12:54:21 -05:00
|
|
|
|
%dir %{_usr}/share/ipa/wsgi
|
|
|
|
|
%{_usr}/share/ipa/wsgi/plugins.py*
|
|
|
|
|
%dir %{_sysconfdir}/ipa
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%dir %{_sysconfdir}/ipa/html
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/ipa/html/ssbrowser.html
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/ipa/html/unauthorized.html
|
2019-05-15 07:35:32 -05:00
|
|
|
|
%ghost %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/httpd/conf.d/ipa-rewrite.conf
|
|
|
|
|
%ghost %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/httpd/conf.d/ipa.conf
|
|
|
|
|
%ghost %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/httpd/conf.d/ipa-kdc-proxy.conf
|
2020-03-10 16:13:04 -05:00
|
|
|
|
%ghost %attr(0640,root,root) %config(noreplace) %{_sysconfdir}/httpd/conf.d/ipa-pki-proxy.conf
|
2019-05-15 07:35:32 -05:00
|
|
|
|
%ghost %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipa/kdcproxy/ipa-kdc-proxy.conf
|
|
|
|
|
%ghost %attr(0644,root,root) %config(noreplace) %{_usr}/share/ipa/html/ca.crt
|
2019-09-24 07:00:55 -05:00
|
|
|
|
%ghost %attr(0640,root,named) %config(noreplace) %{_sysconfdir}/named/ipa-ext.conf
|
2020-04-25 11:06:45 -05:00
|
|
|
|
%ghost %attr(0640,root,named) %config(noreplace) %{_sysconfdir}/named/ipa-options-ext.conf
|
2019-05-15 07:35:32 -05:00
|
|
|
|
%ghost %attr(0644,root,root) %{_usr}/share/ipa/html/krb.con
|
|
|
|
|
%ghost %attr(0644,root,root) %{_usr}/share/ipa/html/krb5.ini
|
|
|
|
|
%ghost %attr(0644,root,root) %{_usr}/share/ipa/html/krbrealm.con
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%dir %{_usr}/share/ipa/updates/
|
|
|
|
|
%{_usr}/share/ipa/updates/*
|
|
|
|
|
%dir %{_localstatedir}/lib/ipa
|
2013-04-16 02:44:28 -05:00
|
|
|
|
%attr(700,root,root) %dir %{_localstatedir}/lib/ipa/backup
|
2016-11-29 10:10:22 -06:00
|
|
|
|
%attr(700,root,root) %dir %{_localstatedir}/lib/ipa/gssproxy
|
2017-09-18 10:31:45 -05:00
|
|
|
|
%attr(711,root,root) %dir %{_localstatedir}/lib/ipa/sysrestore
|
2012-06-08 01:31:37 -05:00
|
|
|
|
%attr(700,root,root) %dir %{_localstatedir}/lib/ipa/sysupgrade
|
2012-10-08 08:58:48 -05:00
|
|
|
|
%attr(755,root,root) %dir %{_localstatedir}/lib/ipa/pki-ca
|
2018-02-09 02:39:02 -06:00
|
|
|
|
%attr(755,root,root) %dir %{_localstatedir}/lib/ipa/certs
|
2018-02-26 03:15:05 -06:00
|
|
|
|
%attr(700,root,root) %dir %{_localstatedir}/lib/ipa/private
|
|
|
|
|
%attr(700,root,root) %dir %{_localstatedir}/lib/ipa/passwds
|
2019-05-15 07:35:32 -05:00
|
|
|
|
%ghost %attr(775,root,pkiuser) %{_localstatedir}/lib/ipa/pki-ca/publish
|
|
|
|
|
%ghost %attr(770,named,named) %{_localstatedir}/named/dyndb-ldap/ipa
|
2015-05-08 12:39:29 -05:00
|
|
|
|
%dir %attr(0700,root,root) %{_sysconfdir}/ipa/custodia
|
2016-08-05 05:04:19 -05:00
|
|
|
|
%dir %{_usr}/share/ipa/schema.d
|
|
|
|
|
%attr(0644,root,root) %{_usr}/share/ipa/schema.d/README
|
2016-08-19 08:23:55 -05:00
|
|
|
|
%attr(0644,root,root) %{_usr}/share/ipa/gssapi.login
|
2017-05-18 02:57:40 -05:00
|
|
|
|
%{_usr}/share/ipa/ipakrb5.aug
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
2015-07-16 08:09:45 -05:00
|
|
|
|
%files server-dns
|
2017-02-28 12:04:03 -06:00
|
|
|
|
%doc README.md Contributors.txt
|
2015-12-07 06:52:38 -06:00
|
|
|
|
%license COPYING
|
2018-02-22 08:45:13 -06:00
|
|
|
|
%config(noreplace) %{_sysconfdir}/sysconfig/ipa-dnskeysyncd
|
|
|
|
|
%config(noreplace) %{_sysconfdir}/sysconfig/ipa-ods-exporter
|
|
|
|
|
%dir %attr(0755,root,root) %{_sysconfdir}/ipa/dnssec
|
|
|
|
|
%{_libexecdir}/ipa/ipa-dnskeysyncd
|
|
|
|
|
%{_libexecdir}/ipa/ipa-dnskeysync-replica
|
|
|
|
|
%{_libexecdir}/ipa/ipa-ods-exporter
|
2015-07-16 08:09:45 -05:00
|
|
|
|
%{_sbindir}/ipa-dns-install
|
2016-11-04 07:36:45 -05:00
|
|
|
|
%{_mandir}/man1/ipa-dns-install.1*
|
2018-02-22 08:45:13 -06:00
|
|
|
|
%attr(644,root,root) %{_unitdir}/ipa-dnskeysyncd.service
|
|
|
|
|
%attr(644,root,root) %{_unitdir}/ipa-ods-exporter.socket
|
|
|
|
|
%attr(644,root,root) %{_unitdir}/ipa-ods-exporter.service
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2012-02-28 05:24:41 -06:00
|
|
|
|
%files server-trust-ad
|
2017-02-28 12:04:03 -06:00
|
|
|
|
%doc README.md Contributors.txt
|
2015-12-07 06:52:38 -06:00
|
|
|
|
%license COPYING
|
2012-06-12 07:58:50 -05:00
|
|
|
|
%{_sbindir}/ipa-adtrust-install
|
2012-02-28 05:24:41 -06:00
|
|
|
|
%{_usr}/share/ipa/smb.conf.empty
|
2012-06-12 07:58:50 -05:00
|
|
|
|
%attr(755,root,root) %{_libdir}/samba/pdb/ipasam.so
|
2020-08-13 03:19:05 -05:00
|
|
|
|
%attr(755,root,root) %{plugin_dir}/libipa_cldap.so
|
|
|
|
|
%{_datadir}/ipa/ipa-cldap-conf.ldif
|
2016-11-04 07:36:45 -05:00
|
|
|
|
%{_mandir}/man1/ipa-adtrust-install.1*
|
2012-10-10 01:46:08 -05:00
|
|
|
|
%ghost %{_libdir}/krb5/plugins/libkrb5/winbind_krb5_locator.so
|
2015-06-05 07:57:02 -05:00
|
|
|
|
%{_sysconfdir}/dbus-1/system.d/oddjob-ipa-trust.conf
|
|
|
|
|
%{_sysconfdir}/oddjobd.conf.d/oddjobd-ipa-trust.conf
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%attr(755,root,root) %{_libexecdir}/ipa/oddjob/com.redhat.idm.trust-fetch-domains
|
2013-12-03 10:14:00 -06:00
|
|
|
|
|
2019-07-16 05:45:48 -05:00
|
|
|
|
# ONLY_CLIENT
|
|
|
|
|
%endif
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%files client
|
2017-02-28 12:04:03 -06:00
|
|
|
|
%doc README.md Contributors.txt
|
2015-08-17 09:14:05 -05:00
|
|
|
|
%license COPYING
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%{_sbindir}/ipa-client-install
|
2012-05-29 13:20:38 -05:00
|
|
|
|
%{_sbindir}/ipa-client-automount
|
2014-06-27 05:31:50 -05:00
|
|
|
|
%{_sbindir}/ipa-certupdate
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%{_sbindir}/ipa-getkeytab
|
2009-12-04 15:29:09 -06:00
|
|
|
|
%{_sbindir}/ipa-rmkeytab
|
2009-09-14 16:04:08 -05:00
|
|
|
|
%{_sbindir}/ipa-join
|
2016-08-25 03:59:34 -05:00
|
|
|
|
%{_bindir}/ipa
|
|
|
|
|
%config %{_sysconfdir}/bash_completion.d
|
2019-06-19 08:13:10 -05:00
|
|
|
|
%config %{_sysconfdir}/sysconfig/certmonger
|
2016-11-04 07:36:45 -05:00
|
|
|
|
%{_mandir}/man1/ipa.1*
|
|
|
|
|
%{_mandir}/man1/ipa-getkeytab.1*
|
|
|
|
|
%{_mandir}/man1/ipa-rmkeytab.1*
|
|
|
|
|
%{_mandir}/man1/ipa-client-install.1*
|
|
|
|
|
%{_mandir}/man1/ipa-client-automount.1*
|
|
|
|
|
%{_mandir}/man1/ipa-certupdate.1*
|
|
|
|
|
%{_mandir}/man1/ipa-join.1*
|
2020-06-24 22:21:31 -05:00
|
|
|
|
%dir %{_libexecdir}/ipa/acme
|
|
|
|
|
%{_libexecdir}/ipa/acme/certbot-dns-ipa
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2019-05-18 06:54:48 -05:00
|
|
|
|
%files client-samba
|
|
|
|
|
%doc README.md Contributors.txt
|
|
|
|
|
%license COPYING
|
|
|
|
|
%{_sbindir}/ipa-client-samba
|
|
|
|
|
%{_mandir}/man1/ipa-client-samba.1*
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2020-05-05 08:59:11 -05:00
|
|
|
|
|
|
|
|
|
%files client-epn
|
|
|
|
|
%doc README.md Contributors.txt
|
2020-06-22 09:39:02 -05:00
|
|
|
|
%dir %{_sysconfdir}/ipa/epn
|
2020-05-05 08:59:11 -05:00
|
|
|
|
%license COPYING
|
|
|
|
|
%{_sbindir}/ipa-epn
|
|
|
|
|
%{_mandir}/man1/ipa-epn.1*
|
|
|
|
|
%{_mandir}/man5/epn.conf.5*
|
|
|
|
|
%attr(644,root,root) %{_unitdir}/ipa-epn.service
|
|
|
|
|
%attr(644,root,root) %{_unitdir}/ipa-epn.timer
|
2020-06-22 09:39:02 -05:00
|
|
|
|
%attr(600,root,root) %config(noreplace) %{_sysconfdir}/ipa/epn.conf
|
|
|
|
|
%attr(644,root,root) %config(noreplace) %{_sysconfdir}/ipa/epn/expire_msg.template
|
2020-05-05 08:59:11 -05:00
|
|
|
|
|
2016-02-19 07:54:18 -06:00
|
|
|
|
%files -n python3-ipaclient
|
2017-02-28 12:04:03 -06:00
|
|
|
|
%doc README.md Contributors.txt
|
2016-02-19 07:54:18 -06:00
|
|
|
|
%license COPYING
|
|
|
|
|
%dir %{python3_sitelib}/ipaclient
|
|
|
|
|
%{python3_sitelib}/ipaclient/*.py
|
|
|
|
|
%{python3_sitelib}/ipaclient/__pycache__/*.py*
|
2017-05-10 11:39:22 -05:00
|
|
|
|
%dir %{python3_sitelib}/ipaclient/install
|
2016-10-19 03:52:37 -05:00
|
|
|
|
%{python3_sitelib}/ipaclient/install/*.py
|
|
|
|
|
%{python3_sitelib}/ipaclient/install/__pycache__/*.py*
|
2017-05-10 11:39:22 -05:00
|
|
|
|
%dir %{python3_sitelib}/ipaclient/plugins
|
2016-03-08 05:37:40 -06:00
|
|
|
|
%{python3_sitelib}/ipaclient/plugins/*.py
|
|
|
|
|
%{python3_sitelib}/ipaclient/plugins/__pycache__/*.py*
|
2017-05-10 11:39:22 -05:00
|
|
|
|
%dir %{python3_sitelib}/ipaclient/remote_plugins
|
2016-06-02 03:12:26 -05:00
|
|
|
|
%{python3_sitelib}/ipaclient/remote_plugins/*.py
|
|
|
|
|
%{python3_sitelib}/ipaclient/remote_plugins/__pycache__/*.py*
|
2017-05-30 09:55:41 -05:00
|
|
|
|
%dir %{python3_sitelib}/ipaclient/remote_plugins/2_*
|
2016-06-30 08:51:29 -05:00
|
|
|
|
%{python3_sitelib}/ipaclient/remote_plugins/2_*/*.py
|
|
|
|
|
%{python3_sitelib}/ipaclient/remote_plugins/2_*/__pycache__/*.py*
|
2016-02-19 07:54:18 -06:00
|
|
|
|
%{python3_sitelib}/ipaclient-*.egg-info
|
|
|
|
|
|
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
%files client-common
|
2017-02-28 12:04:03 -06:00
|
|
|
|
%doc README.md Contributors.txt
|
2015-12-07 06:52:38 -06:00
|
|
|
|
%license COPYING
|
2015-11-26 03:52:07 -06:00
|
|
|
|
%dir %attr(0755,root,root) %{_sysconfdir}/ipa/
|
2019-05-15 07:35:32 -05:00
|
|
|
|
%ghost %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipa/default.conf
|
|
|
|
|
%ghost %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipa/ca.crt
|
2015-11-26 03:52:07 -06:00
|
|
|
|
%dir %attr(0755,root,root) %{_sysconfdir}/ipa/nssdb
|
2017-11-08 05:10:54 -06:00
|
|
|
|
# old dbm format
|
2019-05-15 07:35:32 -05:00
|
|
|
|
%ghost %attr(644,root,root) %config(noreplace) %{_sysconfdir}/ipa/nssdb/cert8.db
|
|
|
|
|
%ghost %attr(644,root,root) %config(noreplace) %{_sysconfdir}/ipa/nssdb/key3.db
|
|
|
|
|
%ghost %attr(644,root,root) %config(noreplace) %{_sysconfdir}/ipa/nssdb/secmod.db
|
2017-11-08 05:10:54 -06:00
|
|
|
|
# new sql format
|
2019-05-15 07:35:32 -05:00
|
|
|
|
%ghost %attr(644,root,root) %config(noreplace) %{_sysconfdir}/ipa/nssdb/cert9.db
|
|
|
|
|
%ghost %attr(644,root,root) %config(noreplace) %{_sysconfdir}/ipa/nssdb/key4.db
|
|
|
|
|
%ghost %attr(644,root,root) %config(noreplace) %{_sysconfdir}/ipa/nssdb/pkcs11.txt
|
|
|
|
|
%ghost %attr(600,root,root) %config(noreplace) %{_sysconfdir}/ipa/nssdb/pwdfile.txt
|
|
|
|
|
%ghost %attr(644,root,root) %config(noreplace) %{_sysconfdir}/pki/ca-trust/source/ipa.p11-kit
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%dir %{_localstatedir}/lib/ipa-client
|
2017-05-03 01:48:57 -05:00
|
|
|
|
%dir %{_localstatedir}/lib/ipa-client/pki
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%dir %{_localstatedir}/lib/ipa-client/sysrestore
|
2016-11-04 07:36:45 -05:00
|
|
|
|
%{_mandir}/man5/default.conf.5*
|
2018-05-22 03:58:51 -05:00
|
|
|
|
%dir %{_usr}/share/ipa/client
|
|
|
|
|
%{_usr}/share/ipa/client/*.template
|
2009-02-02 12:50:53 -06:00
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
|
|
|
|
%files python-compat
|
2017-02-28 12:04:03 -06:00
|
|
|
|
%doc README.md Contributors.txt
|
2015-12-07 06:52:38 -06:00
|
|
|
|
%license COPYING
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files common -f %{gettext_domain}.lang
|
2017-02-28 12:04:03 -06:00
|
|
|
|
%doc README.md Contributors.txt
|
2015-12-07 06:52:38 -06:00
|
|
|
|
%license COPYING
|
2018-05-02 11:39:32 -05:00
|
|
|
|
%dir %{_usr}/share/ipa
|
2020-06-24 22:21:31 -05:00
|
|
|
|
%dir %{_libexecdir}/ipa
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2015-11-03 09:39:40 -06:00
|
|
|
|
%files -n python3-ipalib
|
2017-02-28 12:04:03 -06:00
|
|
|
|
%doc README.md Contributors.txt
|
2015-11-03 09:39:40 -06:00
|
|
|
|
%license COPYING
|
|
|
|
|
|
|
|
|
|
%{python3_sitelib}/ipapython/
|
|
|
|
|
%{python3_sitelib}/ipalib/
|
|
|
|
|
%{python3_sitelib}/ipaplatform/
|
|
|
|
|
%{python3_sitelib}/ipapython-*.egg-info
|
|
|
|
|
%{python3_sitelib}/ipalib-*.egg-info
|
|
|
|
|
%{python3_sitelib}/ipaplatform-*.egg-info
|
|
|
|
|
|
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
%if %{with ipatests}
|
|
|
|
|
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2015-11-03 09:39:40 -06:00
|
|
|
|
%files -n python3-ipatests
|
2017-02-28 12:04:03 -06:00
|
|
|
|
%doc README.md Contributors.txt
|
2015-11-03 09:39:40 -06:00
|
|
|
|
%license COPYING
|
2016-11-24 10:35:24 -06:00
|
|
|
|
%{python3_sitelib}/ipatests
|
|
|
|
|
%{python3_sitelib}/ipatests-*.egg-info
|
2015-11-03 09:39:40 -06:00
|
|
|
|
%{_bindir}/ipa-run-tests-3
|
|
|
|
|
%{_bindir}/ipa-test-config-3
|
|
|
|
|
%{_bindir}/ipa-test-task-3
|
|
|
|
|
%{_bindir}/ipa-run-tests-%{python3_version}
|
|
|
|
|
%{_bindir}/ipa-test-config-%{python3_version}
|
|
|
|
|
%{_bindir}/ipa-test-task-%{python3_version}
|
2018-05-29 13:02:10 -05:00
|
|
|
|
%{_bindir}/ipa-run-tests
|
|
|
|
|
%{_bindir}/ipa-test-config
|
|
|
|
|
%{_bindir}/ipa-test-task
|
|
|
|
|
%{_mandir}/man1/ipa-run-tests.1*
|
|
|
|
|
%{_mandir}/man1/ipa-test-config.1*
|
|
|
|
|
%{_mandir}/man1/ipa-test-task.1*
|
2015-11-03 09:39:40 -06:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# with ipatests
|
2019-07-16 05:45:48 -05:00
|
|
|
|
%endif
|
2013-05-21 06:40:27 -05:00
|
|
|
|
|
2020-12-02 01:51:49 -06:00
|
|
|
|
|
|
|
|
|
%if %{with selinux}
|
2020-02-14 10:43:36 -06:00
|
|
|
|
%files selinux
|
|
|
|
|
%{_datadir}/selinux/packages/%{selinuxtype}/%{modulename}.pp.*
|
|
|
|
|
%ghost %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
|
2020-12-02 01:51:49 -06:00
|
|
|
|
# with selinux
|
2020-02-14 10:43:36 -06:00
|
|
|
|
%endif
|
2015-12-07 06:52:38 -06:00
|
|
|
|
|
2009-02-02 12:50:53 -06:00
|
|
|
|
%changelog
|
2016-10-21 15:35:28 -05:00
|
|
|
|
* Tue Nov 26 2013 Petr Viktorin <pviktori@redhat.com> - @VERSION@-@VENDOR_SUFFIX@
|
2013-11-26 06:06:07 -06:00
|
|
|
|
- Remove changelog. The history is kept in Git, downstreams have own logs.
|
|
|
|
|
# note, this entry is here to placate tools that expect a non-empty changelog
|