Hello community, here is the log from the commit of package yast2-ldap-client for openSUSE:11.4 checked in at Thu Apr 21 00:15:13 CEST 2011.
-------- --- old-versions/11.4/all/yast2-ldap-client/yast2-ldap-client.changes 2011-02-04 09:00:55.000000000 +0100 +++ 11.4/yast2-ldap-client/yast2-ldap-client.changes 2011-04-20 15:11:44.000000000 +0200 @@ -1,0 +2,10 @@ +Mon Apr 18 10:50:28 CEST 2011 - [email protected] + +- if sssd is removed in GUI, remove also the pam module (bnc#680184) +- added command line options for SSSD (bnc#680848) +- remove 'ldap' from nsswitch.conf when sssd is configured + (bnc#681818) +- remove ldap and ldap-account_only PAM modules when sssd is set +- 2.20.14.1 + +------------------------------------------------------------------- Package does not exist at destination yet. Using Fallback old-versions/11.4/all/yast2-ldap-client Destination is old-versions/11.4/UPDATES/all/yast2-ldap-client calling whatdependson for 11.4-i586 Old: ---- yast2-ldap-client-2.20.14.tar.bz2 New: ---- yast2-ldap-client-2.20.14.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-ldap-client.spec ++++++ --- /var/tmp/diff_new_pack.DGIPiN/_old 2011-04-21 00:09:16.000000000 +0200 +++ /var/tmp/diff_new_pack.DGIPiN/_new 2011-04-21 00:09:16.000000000 +0200 @@ -19,11 +19,11 @@ Name: yast2-ldap-client -Version: 2.20.14 -Release: 1 +Version: 2.20.14.1 +Release: 0.<RELEASE2> BuildRoot: %{_tmppath}/%{name}-%{version}-build -Source0: yast2-ldap-client-2.20.14.tar.bz2 +Source0: yast2-ldap-client-2.20.14.1.tar.bz2 Prefix: /usr @@ -58,7 +58,7 @@ OpenLDAP server will be used for user authentication. %prep -%setup -n yast2-ldap-client-2.20.14 +%setup -n yast2-ldap-client-2.20.14.1 %build %{prefix}/bin/y2tool y2autoconf ++++++ yast2-ldap-client-2.20.14.tar.bz2 -> yast2-ldap-client-2.20.14.1.tar.bz2 ++++++ ++++ 2792 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.14/VERSION new/yast2-ldap-client-2.20.14.1/VERSION --- old/yast2-ldap-client-2.20.14/VERSION 2011-02-04 08:58:46.000000000 +0100 +++ new/yast2-ldap-client-2.20.14.1/VERSION 2011-04-18 10:51:08.000000000 +0200 @@ -1 +1 @@ -2.20.14 +2.20.14.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.14/configure.in new/yast2-ldap-client-2.20.14.1/configure.in --- old/yast2-ldap-client-2.20.14/configure.in 2011-01-21 14:41:38.000000000 +0100 +++ new/yast2-ldap-client-2.20.14.1/configure.in 2011-04-20 15:11:46.000000000 +0200 @@ -3,7 +3,7 @@ dnl -- This file is generated by y2autoconf 2.18.11 - DO NOT EDIT! -- dnl (edit configure.in.in instead) -AC_INIT(yast2-ldap-client, 2.20.9, http://bugs.opensuse.org/, yast2-ldap-client) +AC_INIT(yast2-ldap-client, 2.20.14.1, http://bugs.opensuse.org/, yast2-ldap-client) dnl Check for presence of file 'RPMNAME' AC_CONFIG_SRCDIR([RPMNAME]) @@ -18,7 +18,7 @@ AM_INIT_AUTOMAKE(tar-ustar -Wno-portability) dnl Important YaST2 variables -VERSION="2.20.9" +VERSION="2.20.14.1" RPMNAME="yast2-ldap-client" MAINTAINER="Jiri Suchomel <[email protected]>" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.14/src/Ldap.ycp new/yast2-ldap-client-2.20.14.1/src/Ldap.ycp --- old/yast2-ldap-client-2.20.14/src/Ldap.ycp 2011-02-04 15:19:58.000000000 +0100 +++ new/yast2-ldap-client-2.20.14.1/src/Ldap.ycp 2011-04-18 10:56:38.000000000 +0200 @@ -2641,15 +2641,36 @@ { Pam::Add ("sss"); // Add "sss" to the passwd and group databases in nsswitch.conf - Nsswitch::WriteDb ("passwd", (list<string>) - union (nsswitch["passwd"]:[], ["sss"])); - Nsswitch::WriteDb ("group", (list<string>) - union (nsswitch["group"]:[], ["sss"])); + + foreach (string db, [ "passwd", "group" ], { + // replace 'ldap' with sss + nsswitch [db] = filter ( + string v, nsswitch[db]:[], ``(v != "ldap")); + nsswitch [db] = union (nsswitch[db]:[], ["sss"]); + Nsswitch::WriteDb (db, nsswitch[db]:["sss"]); + + // remove 'ldap' from _compat entries + string new_db = db+"_compat"; + nsswitch [new_db] = filter ( + string v, nsswitch[new_db]:[], ``(v != "ldap")); + Nsswitch::WriteDb (new_db, nsswitch[new_db]:[]); + }); + // remove ldap entries from ldap-only db's + foreach (string db, ["services" ,"netgroup", "aliases" ], { + list<string> db_l = (list<string>) filter ( + string v, Nsswitch::ReadDb (db), ``(v != "ldap")); + if (db_l == []) + db_l = ["files"]; + Nsswitch::WriteDb (db, db_l); + }); + if (Pam::Enabled("krb5")) { y2milestone ("configuring 'sss', so 'krb5' will be removed"); + Pam::Remove ("ldap-account_only"); Pam::Remove ("krb5"); } + Pam::Remove ("ldap"); } else { @@ -2665,6 +2686,11 @@ { Pam::Add ("ldap"); } + // sss was removed, using pam_ldap (bnc#680184) + if (Pam::Enabled ("sss")) + { + Pam::Remove ("sss"); + } // modify sources in /etc/nsswitch.conf Nsswitch::WriteDb ("passwd", ["compat"]); @@ -2693,7 +2719,6 @@ } else if (!oes) // ldap is not used { - //TODO: first check, if nss needs to be updated... foreach (string db, [ "passwd", "group" ], ``{ string new_db = db+"_compat"; nsswitch [db] = filter ( diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.14/src/ldap.ycp new/yast2-ldap-client-2.20.14.1/src/ldap.ycp --- old/yast2-ldap-client-2.20.14/src/ldap.ycp 2010-08-18 12:35:33.000000000 +0200 +++ new/yast2-ldap-client-2.20.14.1/src/ldap.ycp 2011-04-18 10:53:38.000000000 +0200 @@ -93,6 +93,50 @@ } } + if (options["sssd"]:"" != "") + { + boolean sssd = (options["sssd"]:"" == "yes"); + if (Ldap::sssd != sssd) + { + Ldap::sssd = sssd; + Ldap::modified = true; + } + } + + if (options["cache_credentials"]:"" != "") + { + boolean cache_credentials = (options["cache_credentials"]:"" == "yes"); + if (Ldap::sssd_cache_credentials!= cache_credentials) + { + Ldap::sssd_cache_credentials= cache_credentials; + Ldap::modified = true; + } + } + + if (options["realm"]:"" != "") + { + string realm = options["realm"]:""; + if (Ldap::krb5_realm != realm) + { + Ldap::krb5_realm = realm; + Ldap::modified = true; + } + } + if (options["kdc"]:"" != "") + { + string kdc = options["kdc"]:""; + if (Ldap::krb5_kdcip != kdc) + { + Ldap::krb5_kdcip = kdc; + Ldap::modified = true; + } + } + + if (Ldap::krb5_kdcip != "" && Ldap::krb5_realm != "") + { + Ldap::sssd_with_krb = true; + } + if (haskey (options, "createconfig")) { if (Ldap::bind_pass == nil) @@ -202,14 +246,38 @@ "type" : "enum", "typespec" : [ "yes", "no" ], ], + "sssd" : $[ + // help text for the 'sssd' option + "help" : _("Use System Security Services Daemon (SSSD)"), + "type" : "enum", + "typespec" : [ "yes", "no" ], + ], + "cache_credentials" : $[ + // help text for the 'cache_credentials' option + "help" : _("SSSD Offline Authentication"), + "type" : "enum", + "typespec" : [ "yes", "no" ], + ], + "realm" :$[ + // command line help text for the 'realm' option + "help" : _("Kerberos Realm"), + "type" : "string" + ], + "kdc" :$[ + // command line help text for the 'kdc' option + "help" : _("KDC Server Address"), + "type" : "string" + ], ], "mappings" : $[ "pam" : [ "enable", "disable", "server", "base", - "createconfig", "ldappw", "automounter", "mkhomedir", "tls" + "createconfig", "ldappw", "automounter", "mkhomedir", "tls", + "sssd", "realm", "kdc", "cache_credentials" ], "summary" : [], "configure" : [ "server", "base", "createconfig", "ldappw", - "automounter", "mkhomedir", "tls" + "automounter", "mkhomedir", "tls", + "sssd", "realm", "kdc", "cache_credentials" ], ] ]; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
