From f282f88f5f6e7dfd7b318bb8dec678919248412b Mon Sep 17 00:00:00 2001 From: Timo Aaltonen Date: Thu, 26 Jun 2014 17:01:26 +0300 Subject: [PATCH] update patches --- debian/patches/add-debian-platform.diff | 65 ++----------------- debian/patches/fix-ldap-conf-path.diff | 11 ---- debian/patches/port-ipa-client-automount.diff | 13 ---- debian/patches/series | 2 - debian/patches/use-new-nssdb.diff | 29 --------- 5 files changed, 6 insertions(+), 114 deletions(-) delete mode 100644 debian/patches/fix-ldap-conf-path.diff delete mode 100644 debian/patches/use-new-nssdb.diff diff --git a/debian/patches/add-debian-platform.diff b/debian/patches/add-debian-platform.diff index b3e6bc2e8..efd39060c 100644 --- a/debian/patches/add-debian-platform.diff +++ b/debian/patches/add-debian-platform.diff @@ -222,62 +222,8 @@ Date: Fri Mar 1 12:21:00 2013 +0200 +This module contains Debian specific platform files. +""" --- /dev/null -+++ b/ipaplatform/debian/authconfig.py -@@ -0,0 +1,51 @@ -+# Authors: -+# Timo Aaltonen -+# -+# Copyright (C) 2014 Timo Aaltonen -+# see file 'COPYING' for use and warranty information -+# -+# This program is free software; you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation, either version 3 of the License, or -+# (at your option) any later version. -+# -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# along with this program. If not, see . -+ -+from ipapython import ipautil -+from ipaplatform.base.authconfig import AuthConfig -+ -+class DebianAuthConfig(base.AuthConfig): -+ """ -+ Debian implementation of the AuthConfig class. -+ -+ Debian doesn't provide a single application for changing both -+ nss and pam configuration. PAM can be configured using debconf but -+ there is currently no such solution for updating NSS database and -+ every package does it by itself. -+ -+ We'll have to play a catch-up game with the rest of the FreeIPA -+ project filtering out .enable() and .disable() calls that are -+ useless for us, and making the best out of the rest of them. -+ """ -+ -+ def __build_args(self): -+ args = ['--force', '--package'] -+ for (option, value) in self.parameters.items(): -+ if option == "sssdauth": -+ option = "sss" -+ if type(value) is bool and not value: -+ if not any("remove" in s for s in args): -+ args.append("--remove") -+ args.append("%s" % (option)) -+ return args -+ -+ def execute(self): -+ env = {"DEBCONF_FRONTEND" : "noninteractive"} -+ args = self.__build_args() -+ ipautil.run(["/usr/sbin/pam-auth-update"] + args, env = env) ---- /dev/null +++ b/ipaplatform/debian/paths.py -@@ -0,0 +1,33 @@ +@@ -0,0 +1,34 @@ +# Authors: +# Timo Aaltonen +# @@ -307,7 +253,8 @@ Date: Fri Mar 1 12:21:00 2013 +0200 + + +class DebianPathNamespace(BasePathNamespace): -+ ETC_DEBIAN_VERSION = "/etc/debian_version" ++ OPENLDAP_LDAP_CONF = "/etc/ldap/ldap.conf" ++ NSS_DB_DIR = "sql:/etc/pki/nssdb" + SBIN_SERVICE = "/usr/sbin/service" + +paths = DebianPathNamespace() @@ -465,7 +412,7 @@ Date: Fri Mar 1 12:21:00 2013 +0200 +knownservices = DebianServices() --- /dev/null +++ b/ipaplatform/debian/tasks.py -@@ -0,0 +1,36 @@ +@@ -0,0 +1,37 @@ +# Authors: +# Timo Aaltonen +# @@ -491,8 +438,9 @@ Date: Fri Mar 1 12:21:00 2013 +0200 + +from ipaplatform.paths import paths +from ipaplatform.base.tasks import * ++from ipaplatform.fedora.tasks import FedoraTaskNamespace + -+class DebianTaskNamespace(BaseTaskNamespace): ++class DebianTaskNamespace(FedoraTaskNamespace): + + def restore_network_configuration(self, fstore, statestore): + filepath = paths.ETC_HOSTNAME @@ -502,7 +450,6 @@ Date: Fri Mar 1 12:21:00 2013 +0200 + + +tasks = DebianTaskNamespace() -\ No newline at end of file --- a/ipaplatform/setup.py.in +++ b/ipaplatform/setup.py.in @@ -67,6 +67,7 @@ def setup_package(): diff --git a/debian/patches/fix-ldap-conf-path.diff b/debian/patches/fix-ldap-conf-path.diff deleted file mode 100644 index 9a9495452..000000000 --- a/debian/patches/fix-ldap-conf-path.diff +++ /dev/null @@ -1,11 +0,0 @@ ---- a/ipa-client/ipa-install/ipa-client-install -+++ b/ipa-client/ipa-install/ipa-client-install -@@ -948,7 +948,7 @@ def configure_openldap_conf(fstore, cli_ - {'action':'addifnotset', 'name':'TLS_CACERT', 'type':'option', - 'value':CACERT},] - -- target_fname = '/etc/openldap/ldap.conf' -+ target_fname = '/etc/ldap/ldap.conf' - fstore.backup_file(target_fname) - - error_msg = "Configuring {path} failed with: {err}" diff --git a/debian/patches/port-ipa-client-automount.diff b/debian/patches/port-ipa-client-automount.diff index e8892c105..24b3b877e 100644 --- a/debian/patches/port-ipa-client-automount.diff +++ b/debian/patches/port-ipa-client-automount.diff @@ -1,18 +1,5 @@ --- a/ipa-client/ipa-install/ipa-client-automount +++ b/ipa-client/ipa-install/ipa-client-automount -@@ -40,10 +40,10 @@ from ipapython.dn import DN - from ipaplatform.tasks import tasks - from ipaplatform import services - --AUTOFS_CONF = '/etc/sysconfig/autofs' -+AUTOFS_CONF = '/etc/default/autofs' - NSSWITCH_CONF = '/etc/nsswitch.conf' - AUTOFS_LDAP_AUTH = '/etc/autofs_ldap_auth.conf' --NFS_CONF = '/etc/sysconfig/nfs' -+NFS_CONF = '/etc/default/nfs-common' - IDMAPD_CONF = '/etc/idmapd.conf' - - def parse_options(): @@ -310,7 +310,7 @@ def configure_nfs(fstore, statestore): Configure secure NFS """ diff --git a/debian/patches/series b/debian/patches/series index bc5a4d61e..146352f08 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,13 +1,11 @@ # not upstreamable prefix.patch no-test-lang.diff -fix-ldap-conf-path.diff port-ipa-client-automount.diff dont-check-for-systemd-pc.diff # send upstream check-dbus-before-starting.diff add-debian-platform.diff -use-new-nssdb.diff fix-pykerberos-api.diff diff --git a/debian/patches/use-new-nssdb.diff b/debian/patches/use-new-nssdb.diff deleted file mode 100644 index 124fb3b75..000000000 --- a/debian/patches/use-new-nssdb.diff +++ /dev/null @@ -1,29 +0,0 @@ ---- a/ipa-client/ipa-install/ipa-client-install -+++ b/ipa-client/ipa-install/ipa-client-install -@@ -228,7 +228,7 @@ def log_service_error(name, action, erro - root_logger.error("%s failed to %s: %s", name, action, str(error)) - - def nickname_exists(nickname): -- (sout, serr, returncode) = run(["/usr/bin/certutil", "-L", "-d", "/etc/pki/nssdb", "-n", nickname], raiseonerr=False) -+ (sout, serr, returncode) = run(["/usr/bin/certutil", "-L", "-d", "sql:/etc/pki/nssdb", "-n", nickname], raiseonerr=False) - - if returncode == 0: - return True -@@ -487,7 +487,7 @@ def uninstall(options, env): - # Remove our host cert and CA cert - if nickname_exists("IPA CA"): - try: -- run(["/usr/bin/certutil", "-D", "-d", "/etc/pki/nssdb", "-n", "IPA CA"]) -+ run(["/usr/bin/certutil", "-D", "-d", "sql:/etc/pki/nssdb", "-n", "IPA CA"]) - except Exception, e: - root_logger.error( - "Failed to remove IPA CA from /etc/pki/nssdb: %s", str(e)) -@@ -515,7 +515,7 @@ def uninstall(options, env): - - if nickname_exists(client_nss_nickname): - try: -- run(["/usr/bin/certutil", "-D", "-d", "/etc/pki/nssdb", "-n", client_nss_nickname]) -+ run(["/usr/bin/certutil", "-D", "-d", "sql:/etc/pki/nssdb", "-n", client_nss_nickname]) - except Exception, e: - root_logger.error("Failed to remove %s from /etc/pki/nssdb: %s", - client_nss_nickname, str(e))