Drop upstreamed patches.

debian/changelog

@@ -1,6 +1,7 @@
 freeipa (4.7.2+git20190424-1) UNRELEASED; urgency=medium
 
   * Sync with upstream ipa-4-7 -branch.
+  * Drop upstreamed patches.
 
  -- Timo Aaltonen <tjaalton@debian.org>  Fri, 26 Apr 2019 00:12:20 +0300
 

debian/patches/create-sysconfig-ods.diff

@@ -1,12 +0,0 @@
---- a/ipaserver/install/opendnssecinstance.py
-+++ b/ipaserver/install/opendnssecinstance.py
-@@ -199,6 +199,9 @@ class OpenDNSSECInstance(service.Service
-         if not self.fstore.has_file(paths.SYSCONFIG_ODS):
-             self.fstore.backup_file(paths.SYSCONFIG_ODS)
- 
-+        # create the configfile, opendnssec-enforcer doesn't ship it
-+        open(paths.SYSCONFIG_ODS, 'a').close()
-+
-         directivesetter.set_directive(paths.SYSCONFIG_ODS,
-                                       'SOFTHSM2_CONF',
-                                       paths.DNSSEC_SOFTHSM2_CONF,

debian/patches/dont-migrate-to-authselect.diff

@@ -1,13 +0,0 @@
---- a/ipaplatform/debian/tasks.py
-+++ b/ipaplatform/debian/tasks.py
-@@ -57,6 +57,10 @@ class DebianTaskNamespace(RedHatTaskName
-         # Debian doesn't use authconfig, nothing to restore
-         return True
- 
-+    def migrate_auth_configuration(self, statestore):
-+        # Debian doesn't have authselect
-+        return True
-+
-     @staticmethod
-     def parse_ipa_version(version):
-         return BaseTaskNamespace.parse_ipa_version(version)

debian/patches/fix-fontawesome-path.diff

@@ -1,51 +0,0 @@
---- a/install/share/ipa.conf.template
-+++ b/install/share/ipa.conf.template
-@@ -183,7 +183,7 @@ Alias /ipa/crl "$CRL_PUBLISH_PATH"
- 
- #  List explicitly only the fonts we want to serve
- Alias /ipa/ui/fonts/open-sans "${FONTS_DIR}/open-sans"
--Alias /ipa/ui/fonts/fontawesome "${FONTS_DIR}/fontawesome"
-+Alias /ipa/ui/fonts/fontawesome "${FONTS_DIR}/${FONT_AWESOME_DIR}"
- <Directory "${FONTS_DIR}">
-   SetHandler None
-   AllowOverride None
---- a/ipaplatform/base/paths.py
-+++ b/ipaplatform/base/paths.py
-@@ -245,6 +245,7 @@ class BasePathNamespace(object):
-     SMBD = "/usr/sbin/smbd"
-     USERADD = "/usr/sbin/useradd"
-     FONTS_DIR = "/usr/share/fonts"
-+    FONT_AWESOME_DIR = "fontawesome"
-     USR_SHARE_IPA_DIR = "/usr/share/ipa/"
-     USR_SHARE_IPA_CLIENT_DIR = "/usr/share/ipa/client"
-     CA_TOPOLOGY_ULDIF = "/usr/share/ipa/ca-topology.uldif"
---- a/ipaplatform/debian/paths.py
-+++ b/ipaplatform/debian/paths.py
-@@ -87,6 +87,7 @@ class DebianPathNamespace(BasePathNamesp
-     REMOVE_DS_PL = "/usr/sbin/remove-ds"
-     SETUP_DS_PL = "/usr/sbin/setup-ds"
-     FONTS_DIR = "/usr/share/fonts/truetype"
-+    FONT_AWESOME_DIR = "font-awesome"
-     VAR_KERBEROS_KRB5KDC_DIR = "/var/lib/krb5kdc/"
-     VAR_KRB5KDC_K5_REALM = "/var/lib/krb5kdc/.k5."
-     CACERT_PEM = "/var/lib/krb5kdc/cacert.pem"
---- a/ipaserver/install/httpinstance.py
-+++ b/ipaserver/install/httpinstance.py
-@@ -104,6 +104,7 @@ class HTTPInstance(service.Service):
-             AUTOREDIR='' if auto_redirect else '#',
-             CRL_PUBLISH_PATH=paths.PKI_CA_PUBLISH_DIR,
-             FONTS_DIR=paths.FONTS_DIR,
-+            FONT_AWESOME_DIR=paths.FONT_AWESOME_DIR,
-             GSSAPI_SESSION_KEY=paths.GSSAPI_SESSION_KEY,
-             IPA_CUSTODIA_SOCKET=paths.IPA_CUSTODIA_SOCKET,
-             IPA_CCACHES=paths.IPA_CCACHES,
---- a/ipaserver/install/server/upgrade.py
-+++ b/ipaserver/install/server/upgrade.py
-@@ -1789,6 +1789,7 @@ def upgrade_configuration():
-         WSGI_PROCESSES=constants.WSGI_PROCESSES,
-         GSSAPI_SESSION_KEY=paths.GSSAPI_SESSION_KEY,
-         FONTS_DIR=paths.FONTS_DIR,
-+        FONT_AWESOME_DIR=paths.FONT_AWESOME_DIR,
-         IPA_CCACHES=paths.IPA_CCACHES,
-         IPA_CUSTODIA_SOCKET=paths.IPA_CUSTODIA_SOCKET,
-         KDCPROXY_CONFIG=paths.KDCPROXY_CONFIG,

debian/patches/fix-gzip-path.diff

@@ -1,9 +0,0 @@
---- a/ipaplatform/debian/paths.py
-+++ b/ipaplatform/debian/paths.py
-@@ -105,5 +105,6 @@ class DebianPathNamespace(BasePathNamesp
-     IPA_CUSTODIA_SOCKET = "/run/apache2/ipa-custodia.sock"
-     IPA_CUSTODIA_AUDIT_LOG = '/var/log/ipa-custodia.audit.log'
-     WSGI_PREFIX_DIR = "/run/apache2/wsgi"
-+    GZIP = "/bin/gzip"
- 
- paths = DebianPathNamespace()

debian/patches/fix-krb5kdc-cert-path.diff

@@ -1,18 +0,0 @@
---- a/ipaplatform/debian/paths.py
-+++ b/ipaplatform/debian/paths.py
-@@ -90,12 +90,12 @@ class DebianPathNamespace(BasePathNamesp
-     FONT_AWESOME_DIR = "font-awesome"
-     VAR_KERBEROS_KRB5KDC_DIR = "/var/lib/krb5kdc/"
-     VAR_KRB5KDC_K5_REALM = "/var/lib/krb5kdc/.k5."
--    CACERT_PEM = "/var/lib/krb5kdc/cacert.pem"
-+    CACERT_PEM = "/var/lib/ipa/certs/cacert.pem"
-     KRB5KDC_KADM5_ACL = "/etc/krb5kdc/kadm5.acl"
-     KRB5KDC_KADM5_KEYTAB = "/etc/krb5kdc/kadm5.keytab"
-     KRB5KDC_KDC_CONF = "/etc/krb5kdc/kdc.conf"
--    KDC_CERT = "/var/lib/krb5kdc/kdc.crt"
--    KDC_KEY = "/var/lib/krb5kdc/kdc.key"
-+    KDC_CERT = "/var/lib/ipa/certs/kdc.crt"
-+    KDC_KEY = "/var/lib/ipa/certs/kdc.key"
-     VAR_LOG_HTTPD_DIR = "/var/log/apache2"
-     VAR_LOG_HTTPD_ERROR = "/var/log/apache2/error.log"
-     NAMED_RUN = "/var/cache/bind/named.run"

debian/patches/fix-oddjobd-conf.diff

@@ -1,11 +0,0 @@
---- a/install/oddjob/etc/oddjobd.conf.d/ipa-server.conf
-+++ b/install/oddjob/etc/oddjobd.conf.d/ipa-server.conf
-@@ -6,7 +6,7 @@
-     <object name="/">
-       <interface name="org.freeipa.server">
-         <method name="conncheck">
--          <helper exec="/usr/libexec/ipa/oddjob/org.freeipa.server.conncheck"
-+          <helper exec="/usr/lib/ipa/oddjob/org.freeipa.server.conncheck"
-                   arguments="1"
-                   prepend_user_name="no"
-                   argument_passing_method="cmdline"/>

debian/patches/fix-opendnssec-setup.diff

@@ -1,81 +0,0 @@
-Description: Fix ODS setup with 2.0.x
---- a/install/share/opendnssec_conf.template
-+++ b/install/share/opendnssec_conf.template
-@@ -8,7 +8,7 @@
- 			<Module>$SOFTHSM_LIB</Module>
- 			<TokenLabel>$TOKEN_LABEL</TokenLabel>
- 			<PIN>$PIN</PIN>
--            <AllowExtraction/>
-+			<AllowExtraction/>
- 		</Repository>
- 
- 	</RepositoryList>
---- a/ipaserver/install/opendnssecinstance.py
-+++ b/ipaserver/install/opendnssecinstance.py
-@@ -284,20 +284,15 @@ class OpenDNSSECInstance(service.Service
-             os.chmod(paths.OPENDNSSEC_KASP_DB, 0o660)
- 
-             # regenerate zonelist.xml
--            cmd = [paths.ODS_KSMUTIL, 'zonelist', 'export']
-+            cmd = [paths.ODS_ENFORCER, 'zonelist', 'export']
-             result = ipautil.run(cmd,
-                                  runas=constants.ODS_USER,
-                                  capture_output=True)
--            with open(paths.OPENDNSSEC_ZONELIST_FILE, 'w') as zonelistf:
--                zonelistf.write(result.output)
--                os.chown(paths.OPENDNSSEC_ZONELIST_FILE,
--                         self.ods_uid, self.ods_gid)
--                os.chmod(paths.OPENDNSSEC_ZONELIST_FILE, 0o660)
- 
-         else:
-             # initialize new kasp.db
-             command = [
--                paths.ODS_KSMUTIL,
-+                paths.ODS_ENFORCER_SETUP,
-                 'setup'
-             ]
- 
---- a/ipaplatform/base/paths.py
-+++ b/ipaplatform/base/paths.py
-@@ -183,7 +183,8 @@ class BasePathNamespace(object):
-     NET = "/usr/bin/net"
-     BIN_NISDOMAINNAME = "/usr/bin/nisdomainname"
-     NSUPDATE = "/usr/bin/nsupdate"
--    ODS_KSMUTIL = "/usr/bin/ods-ksmutil"
-+    ODS_ENFORCER = "/usr/sbin/ods-enforcer"
-+    ODS_ENFORCER_SETUP = "/usr/sbin/ods-enforcer-db-setup"
-     ODS_SIGNER = "/usr/sbin/ods-signer"
-     OPENSSL = "/usr/bin/openssl"
-     PK12UTIL = "/usr/bin/pk12util"
---- a/ipaserver/dnssec/odsmgr.py
-+++ b/ipaserver/dnssec/odsmgr.py
-@@ -11,6 +11,7 @@ except ImportError:
-     from xml.etree import ElementTree as etree
- 
- from ipapython import ipa_log_manager, ipautil
-+from ipaplatform.paths import paths
- 
- logger = logging.getLogger(__name__)
- 
-@@ -130,17 +131,18 @@ class ODSMgr(object):
-         self.zl_ldap = LDAPZoneListReader()
- 
-     def ksmutil(self, params):
--        """Call ods-ksmutil with given parameters and return stdout.
-+        """Call ods-enforcer with given parameters and return stdout.
- 
-         Raises CalledProcessError if returncode != 0.
-         """
--        cmd = ['ods-ksmutil'] + params
-+        cmd = [paths.ODS_ENFORCER] + params
-         result = ipautil.run(cmd, capture_output=True)
-         return result.output
- 
-     def get_ods_zonelist(self):
-         stdout = self.ksmutil(['zonelist', 'export'])
--        reader = ODSZoneListReader(stdout)
-+        with open(paths.OPENDNSSEC_ZONELIST_FILE) as f:
-+            reader = ODSZoneListReader(f.read())
-         return reader
- 
-     def add_ods_zone(self, uuid, name):

debian/patches/fix-py3-lesscpy-name.diff

@@ -1,9 +0,0 @@
---- a/install/ui/util/make-css.sh
-+++ b/install/ui/util/make-css.sh
-@@ -22,5 +22,5 @@ set -o errexit
- 
- DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
- 
--py3-lesscpy -x $DIR/../less/ipa.less > $DIR/../css/ipa.css
-+python3-lesscpy -x $DIR/../less/ipa.less > $DIR/../css/ipa.css
- exit $?

debian/patches/hack-tomcat-race.diff

@@ -1,11 +0,0 @@
---- a/ipaserver/install/cainstance.py
-+++ b/ipaserver/install/cainstance.py
-@@ -1755,6 +1755,8 @@ def migrate_profiles_to_ldap():
-     match = re.search(r'^profile\.list=(\S*)', cs_cfg, re.MULTILINE)
-     profile_ids = match.group(1).split(',')
- 
-+    time.sleep(80)
-+
-     for profile_id in profile_ids:
-         match = re.search(
-             r'^profile\.{}\.config=(\S*)'.format(profile_id),

debian/patches/series

@@ -1,14 +1,5 @@
 # upstreamed
 
 # not upstreamable
-create-sysconfig-ods.diff
-hack-tomcat-race.diff
 
 # send upstream
-fix-opendnssec-setup.diff
-fix-fontawesome-path.diff
-fix-krb5kdc-cert-path.diff
-fix-gzip-path.diff
-fix-py3-lesscpy-name.diff
-dont-migrate-to-authselect.diff
-fix-oddjobd-conf.diff