Hello community, here is the log from the commit of package yast2-kerberos-client for openSUSE:Factory checked in at 2012-12-19 14:51:34 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-kerberos-client (Old) and /work/SRC/openSUSE:Factory/.yast2-kerberos-client.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-kerberos-client", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-kerberos-client/yast2-kerberos-client.changes 2012-10-09 14:00:53.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-kerberos-client.new/yast2-kerberos-client.changes 2012-12-19 14:51:38.000000000 +0100 @@ -1,0 +2,13 @@ +Wed Dec 19 12:43:04 CET 2012 - [email protected] + +- fixed testsuite +- 2.23.3 + +------------------------------------------------------------------- +Wed Dec 19 12:41:58 CET 2012 - [email protected] + +- read available Kerberos options from sssd if sssd is configured + (bnc#792415) +- 2.23.2 + +------------------------------------------------------------------- Old: ---- yast2-kerberos-client-2.23.1.tar.bz2 New: ---- yast2-kerberos-client-2.23.3.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-kerberos-client.spec ++++++ --- /var/tmp/diff_new_pack.5Boi8n/_old 2012-12-19 14:51:40.000000000 +0100 +++ /var/tmp/diff_new_pack.5Boi8n/_new 2012-12-19 14:51:40.000000000 +0100 @@ -17,7 +17,7 @@ Name: yast2-kerberos-client -Version: 2.23.1 +Version: 2.23.3 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ yast2-kerberos-client-2.23.1.tar.bz2 -> yast2-kerberos-client-2.23.3.tar.bz2 ++++++ ++++ 4198 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-kerberos-client-2.23.1/Makefile.am.common new/yast2-kerberos-client-2.23.3/Makefile.am.common --- old/yast2-kerberos-client-2.23.1/Makefile.am.common 2012-09-07 10:07:01.000000000 +0200 +++ new/yast2-kerberos-client-2.23.3/Makefile.am.common 2012-12-19 12:36:26.000000000 +0100 @@ -30,7 +30,7 @@ dist-hook: check-syntax CHECK_SYNTAX = true -check-syntax: $(client_DATA) $(ycpchook) +check-syntax: $(client_DATA) $(ycpchook) $(ybcfiles) @if test "$(client_DATA)"; then \ if $(CHECK_SYNTAX); then \ TO_CHECK="$(filter %.ycp,$^)"; \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-kerberos-client-2.23.1/VERSION new/yast2-kerberos-client-2.23.3/VERSION --- old/yast2-kerberos-client-2.23.1/VERSION 2012-10-04 10:15:19.000000000 +0200 +++ new/yast2-kerberos-client-2.23.3/VERSION 2012-12-19 12:43:03.000000000 +0100 @@ -1 +1 @@ -2.23.1 +2.23.3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-kerberos-client-2.23.1/autodocs-ycp.ami new/yast2-kerberos-client-2.23.3/autodocs-ycp.ami --- old/yast2-kerberos-client-2.23.1/autodocs-ycp.ami 2012-09-07 10:07:01.000000000 +0200 +++ new/yast2-kerberos-client-2.23.3/autodocs-ycp.ami 2012-12-19 12:36:26.000000000 +0100 @@ -1,5 +1,5 @@ # -*- makefile -*- Automake include file -# $Id: autodocs-ycp.ami 57644 2009-06-19 08:38:11Z mvidner $ +# $Id$ # Builds source documentation for YCP sources # Uses ycpdoc diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-kerberos-client-2.23.1/configure.in new/yast2-kerberos-client-2.23.3/configure.in --- old/yast2-kerberos-client-2.23.1/configure.in 2012-09-07 10:07:01.000000000 +0200 +++ new/yast2-kerberos-client-2.23.3/configure.in 2012-12-19 12:36:26.000000000 +0100 @@ -1,9 +1,9 @@ dnl configure.in for yast2-kerberos-client dnl -dnl -- This file is generated by y2autoconf 2.21.8 - DO NOT EDIT! -- +dnl -- This file is generated by y2autoconf 2.23.1 - DO NOT EDIT! -- dnl (edit configure.in.in instead) -AC_INIT(yast2-kerberos-client, 2.22.3, http://bugs.opensuse.org/, yast2-kerberos-client) +AC_INIT(yast2-kerberos-client, 2.23.2, http://bugs.opensuse.org/, yast2-kerberos-client) dnl Check for presence of file 'RPMNAME' AC_CONFIG_SRCDIR([RPMNAME]) @@ -18,7 +18,7 @@ AM_INIT_AUTOMAKE(tar-ustar -Wno-portability) dnl Important YaST2 variables -VERSION="2.22.3" +VERSION="2.23.2" RPMNAME="yast2-kerberos-client" MAINTAINER="Jiri Suchomel <[email protected]>" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-kerberos-client-2.23.1/missing new/yast2-kerberos-client-2.23.3/missing --- old/yast2-kerberos-client-2.23.1/missing 2012-09-07 10:07:05.000000000 +0200 +++ new/yast2-kerberos-client-2.23.3/missing 2012-12-19 12:36:28.000000000 +0100 @@ -1,10 +1,9 @@ #! /bin/sh # Common stub for a few missing GNU programs while installing. -scriptversion=2009-04-28.21; # UTC +scriptversion=2012-01-06.18; # UTC -# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006, -# 2008, 2009 Free Software Foundation, Inc. +# Copyright (C) 1996-2012 Free Software Foundation, Inc. # Originally by Fran,cois Pinard <[email protected]>, 1996. # This program is free software; you can redistribute it and/or modify @@ -26,7 +25,7 @@ # the same distribution terms that you use for the rest of that program. if test $# -eq 0; then - echo 1>&2 "Try \`$0 --help' for more information" + echo 1>&2 "Try '$0 --help' for more information" exit 1 fi @@ -34,7 +33,7 @@ sed_output='s/.* --output[ =]\([^ ]*\).*/\1/p' sed_minuso='s/.* -o \([^ ]*\).*/\1/p' -# In the cases where this matters, `missing' is being run in the +# In the cases where this matters, 'missing' is being run in the # srcdir already. if test -f configure.ac; then configure_ac=configure.ac @@ -65,7 +64,7 @@ echo "\ $0 [OPTION]... PROGRAM [ARGUMENT]... -Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an +Handle 'PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an error status if there is no known handling for PROGRAM. Options: @@ -74,21 +73,20 @@ --run try to run the given command, and emulate it if it fails Supported PROGRAM values: - aclocal touch file \`aclocal.m4' - autoconf touch file \`configure' - autoheader touch file \`config.h.in' + aclocal touch file 'aclocal.m4' + autoconf touch file 'configure' + autoheader touch file 'config.h.in' autom4te touch the output file, or create a stub one - automake touch all \`Makefile.in' files - bison create \`y.tab.[ch]', if possible, from existing .[ch] - flex create \`lex.yy.c', if possible, from existing .c + automake touch all 'Makefile.in' files + bison create 'y.tab.[ch]', if possible, from existing .[ch] + flex create 'lex.yy.c', if possible, from existing .c help2man touch the output file - lex create \`lex.yy.c', if possible, from existing .c + lex create 'lex.yy.c', if possible, from existing .c makeinfo touch the output file - tar try tar, gnutar, gtar, then tar without non-portable flags - yacc create \`y.tab.[ch]', if possible, from existing .[ch] + yacc create 'y.tab.[ch]', if possible, from existing .[ch] -Version suffixes to PROGRAM as well as the prefixes \`gnu-', \`gnu', and -\`g' are ignored when checking the name. +Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and +'g' are ignored when checking the name. Send bug reports to <[email protected]>." exit $? @@ -100,8 +98,8 @@ ;; -*) - echo 1>&2 "$0: Unknown \`$1' option" - echo 1>&2 "Try \`$0 --help' for more information" + echo 1>&2 "$0: Unknown '$1' option" + echo 1>&2 "Try '$0 --help' for more information" exit 1 ;; @@ -122,22 +120,13 @@ # Not GNU programs, they don't have --version. ;; - tar*) - if test -n "$run"; then - echo 1>&2 "ERROR: \`tar' requires --run" - exit 1 - elif test "x$2" = "x--version" || test "x$2" = "x--help"; then - exit 1 - fi - ;; - *) if test -z "$run" && ($1 --version) > /dev/null 2>&1; then # We have it, but it failed. exit 1 elif test "x$2" = "x--version" || test "x$2" = "x--help"; then # Could not run --version or --help. This is probably someone - # running `$TOOL --version' or `$TOOL --help' to check whether + # running '$TOOL --version' or '$TOOL --help' to check whether # $TOOL exists and not knowing $TOOL uses missing. exit 1 fi @@ -149,27 +138,27 @@ case $program in aclocal*) echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`acinclude.m4' or \`${configure_ac}'. You might want - to install the \`Automake' and \`Perl' packages. Grab them from +WARNING: '$1' is $msg. You should only need it if + you modified 'acinclude.m4' or '${configure_ac}'. You might want + to install the Automake and Perl packages. Grab them from any GNU archive site." touch aclocal.m4 ;; autoconf*) echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`${configure_ac}'. You might want to install the - \`Autoconf' and \`GNU m4' packages. Grab them from any GNU +WARNING: '$1' is $msg. You should only need it if + you modified '${configure_ac}'. You might want to install the + Autoconf and GNU m4 packages. Grab them from any GNU archive site." touch configure ;; autoheader*) echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`acconfig.h' or \`${configure_ac}'. You might want - to install the \`Autoconf' and \`GNU m4' packages. Grab them +WARNING: '$1' is $msg. You should only need it if + you modified 'acconfig.h' or '${configure_ac}'. You might want + to install the Autoconf and GNU m4 packages. Grab them from any GNU archive site." files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' ${configure_ac}` test -z "$files" && files="config.h" @@ -186,9 +175,9 @@ automake*) echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'. - You might want to install the \`Automake' and \`Perl' packages. +WARNING: '$1' is $msg. You should only need it if + you modified 'Makefile.am', 'acinclude.m4' or '${configure_ac}'. + You might want to install the Automake and Perl packages. Grab them from any GNU archive site." find . -type f -name Makefile.am -print | sed 's/\.am$/.in/' | @@ -197,10 +186,10 @@ autom4te*) echo 1>&2 "\ -WARNING: \`$1' is needed, but is $msg. +WARNING: '$1' is needed, but is $msg. You might have modified some files without having the proper tools for further handling them. - You can get \`$1' as part of \`Autoconf' from any GNU + You can get '$1' as part of Autoconf from any GNU archive site." file=`echo "$*" | sed -n "$sed_output"` @@ -220,13 +209,13 @@ bison*|yacc*) echo 1>&2 "\ -WARNING: \`$1' $msg. You should only need it if - you modified a \`.y' file. You may need the \`Bison' package +WARNING: '$1' $msg. You should only need it if + you modified a '.y' file. You may need the Bison package in order for those modifications to take effect. You can get - \`Bison' from any GNU archive site." + Bison from any GNU archive site." rm -f y.tab.c y.tab.h if test $# -ne 1; then - eval LASTARG="\${$#}" + eval LASTARG=\${$#} case $LASTARG in *.y) SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'` @@ -250,13 +239,13 @@ lex*|flex*) echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a \`.l' file. You may need the \`Flex' package +WARNING: '$1' is $msg. You should only need it if + you modified a '.l' file. You may need the Flex package in order for those modifications to take effect. You can get - \`Flex' from any GNU archive site." + Flex from any GNU archive site." rm -f lex.yy.c if test $# -ne 1; then - eval LASTARG="\${$#}" + eval LASTARG=\${$#} case $LASTARG in *.l) SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'` @@ -273,10 +262,10 @@ help2man*) echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if +WARNING: '$1' is $msg. You should only need it if you modified a dependency of a manual page. You may need the - \`Help2man' package in order for those modifications to take - effect. You can get \`Help2man' from any GNU archive site." + Help2man package in order for those modifications to take + effect. You can get Help2man from any GNU archive site." file=`echo "$*" | sed -n "$sed_output"` test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` @@ -291,12 +280,12 @@ makeinfo*) echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a \`.texi' or \`.texinfo' file, or any other file +WARNING: '$1' is $msg. You should only need it if + you modified a '.texi' or '.texinfo' file, or any other file indirectly affecting the aspect of the manual. The spurious - call might also be the consequence of using a buggy \`make' (AIX, - DU, IRIX). You might want to install the \`Texinfo' package or - the \`GNU make' package. Grab either from any GNU archive site." + call might also be the consequence of using a buggy 'make' (AIX, + DU, IRIX). You might want to install the Texinfo package or + the GNU make package. Grab either from any GNU archive site." # The file to touch is that specified with -o ... file=`echo "$*" | sed -n "$sed_output"` test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` @@ -318,49 +307,14 @@ touch $file ;; - tar*) - shift - - # We have already tried tar in the generic part. - # Look for gnutar/gtar before invocation to avoid ugly error - # messages. - if (gnutar --version > /dev/null 2>&1); then - gnutar "$@" && exit 0 - fi - if (gtar --version > /dev/null 2>&1); then - gtar "$@" && exit 0 - fi - firstarg="$1" - if shift; then - case $firstarg in - *o*) - firstarg=`echo "$firstarg" | sed s/o//` - tar "$firstarg" "$@" && exit 0 - ;; - esac - case $firstarg in - *h*) - firstarg=`echo "$firstarg" | sed s/h//` - tar "$firstarg" "$@" && exit 0 - ;; - esac - fi - - echo 1>&2 "\ -WARNING: I can't seem to be able to run \`tar' with the given arguments. - You may want to install GNU tar or Free paxutils, or check the - command line arguments." - exit 1 - ;; - *) echo 1>&2 "\ -WARNING: \`$1' is needed, and is $msg. +WARNING: '$1' is needed, and is $msg. You might have modified some files without having the - proper tools for further handling them. Check the \`README' file, + proper tools for further handling them. Check the 'README' file, it often tells you about the needed prerequisites for installing this package. You may also peek at any GNU archive site, in case - some other package would contain this missing \`$1' program." + some other package would contain this missing '$1' program." exit 1 ;; esac diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-kerberos-client-2.23.1/src/Kerberos.ycp new/yast2-kerberos-client-2.23.3/src/Kerberos.ycp --- old/yast2-kerberos-client-2.23.1/src/Kerberos.ycp 2012-10-04 10:14:03.000000000 +0200 +++ new/yast2-kerberos-client-2.23.3/src/Kerberos.ycp 2012-12-19 12:15:07.000000000 +0100 @@ -284,7 +284,20 @@ return WriteKrb5ConfValue (path_to_value, value); } +/** + * Read given value from /etc/sssd/sssd.conf + * @param default_value default, if not found in the file + */ +string ReadSSSDValue (string key, string default_value) { + string ret = default_value; + string val = (string) SCR::Read (add (add (.etc.sssd_conf.v, "domain/default"), key)); + if (val != nil) + { + ret = val; + } + return ret; +} /** * Reads Kerberos settings from the SCR @@ -443,9 +456,56 @@ sssd = Pam::Enabled ("sss"); + if (sssd && FileUtils::Exists ("/etc/sssd/sssd.conf")) + { + // read kerberos settings from sssd.conf (if available) + default_realm = ReadSSSDValue ("krb5_realm", default_realm); + kdc = ReadSSSDValue ("krb5_kdcip", kdc); + ExpertSettings["ccache_dir"] = ReadSSSDValue ("krb5_ccachedir", ExpertSettings["ccache_dir"]:""); + ExpertSettings["ccname_template"] = ReadSSSDValue ("krb5_ccname_template", ExpertSettings["ccname_template"]:""); + ExpertSettings["keytab"] = ReadSSSDValue ("krb5_keytab", ExpertSettings["keytab"]:""); + renew_lifetime = ReadSSSDValue ("krb5_renewable_lifetime", renew_lifetime); + ticket_lifetime = ReadSSSDValue ("krb5_lifetime", ticket_lifetime); + ExpertSettings["validate"] = tolower (ReadSSSDValue ("krb5_validate", ExpertSettings["validate"]:"")); + } return true; } +/** + * Write Kerberos related settings to sssd.conf + */ +boolean WriteSSSD () { + + y2milestone ("updating sssd.conf with new kerberos values"); + + path domain = add (.etc.sssd_conf.v, "domain/default"); + + SCR::Write (add (domain, "auth_provider"), "krb5"); + SCR::Write (add (domain, "chpass_provider"), "krb5"); + SCR::Write (add (domain, "krb5_realm"), default_realm); + // divide by commas: krb5_kdcip = kdcserver1, kdcserver2 (bnc#729174) + string krb5_kdcip = mergestring (splitstring (kdc, " "), ","); + SCR::Write (add (domain, "krb5_kdcip"), krb5_kdcip); + + // write expert settings (bnc#778513) + SCR::Write (add (domain, "krb5_ccachedir"), + ExpertSettings["ccache_dir"]:"" == "" ? nil : ExpertSettings["ccache_dir"]:""); + SCR::Write (add (domain, "krb5_ccname_template"), + ExpertSettings["ccname_template"]:"" == "" ? nil : ExpertSettings["ccname_template"]:""); + SCR::Write (add (domain, "krb5_validate"), + ExpertSettings["validate"]:"" == "true" ? "True" : "False"); + SCR::Write (add (domain, "krb5_keytab"), + ExpertSettings["keytab"]:"" == "" ? nil : ExpertSettings["keytab"]:""); + SCR::Write (add (domain, "krb5_renewable_lifetime"), renew_lifetime); + SCR::Write (add (domain, "krb5_lifetime"), ticket_lifetime); + + boolean ret = SCR::Write(.etc.sssd_conf, nil); + if (!ret) + { + y2error ("error writing sssd.conf file"); + } + return ret; +} /** * Saves Kerberos configuration. @@ -516,33 +576,6 @@ { y2milestone ("not using pam_krb5 because sssd is configured"); Pam::Remove ("krb5"); - - y2milestone ("updating sssd.conf with new kerberos values"); - - path domain = add (.etc.sssd_conf.v, "domain/default"); - SCR::Write (add (domain, "auth_provider"), "krb5"); - SCR::Write (add (domain, "chpass_provider"), "krb5"); - SCR::Write (add (domain, "krb5_realm"), default_realm); - // divide by commas: krb5_kdcip = kdcserver1, kdcserver2 (bnc#729174) - string krb5_kdcip = mergestring (splitstring (kdc, " "), ","); - SCR::Write (add (domain, "krb5_kdcip"), krb5_kdcip); - - // write expert settings (bnc#778513) - SCR::Write (add (domain, "krb5_ccachedir"), - ExpertSettings["ccache_dir"]:"" == "" ? nil : ExpertSettings["ccache_dir"]:""); - SCR::Write (add (domain, "ccname_template"), - ExpertSettings["ccname_template"]:"" == "" ? nil : ExpertSettings["ccname_template"]:""); - SCR::Write (add (domain, "krb5_validate"), - ExpertSettings["validate"]:"" == "true" ? "True" : "False"); - SCR::Write (add (domain, "krb5_keytab"), - ExpertSettings["keytab"]:"" == "" ? nil : ExpertSettings["keytab"]:""); - SCR::Write (add (domain, "krb5_renewable_lifetime"), renew_lifetime); - SCR::Write (add (domain, "krb5_lifetime"), ticket_lifetime); - - if (!SCR::Write(.etc.sssd_conf, nil)) - { - y2error ("error writing ldap.conf file"); - } } else if (use_pam_krb) { @@ -613,6 +646,11 @@ } if (modified) { + if (sssd) + { + WriteSSSD (); + } + /* 3. Yes, if the user chooses DNS you need to remove the domain_realm section (so that the domain->realm mapping can be read through DNS) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-kerberos-client-2.23.1/src/dialogs.ycp new/yast2-kerberos-client-2.23.3/src/dialogs.ycp --- old/yast2-kerberos-client-2.23.1/src/dialogs.ycp 2012-09-20 15:43:51.000000000 +0200 +++ new/yast2-kerberos-client-2.23.3/src/dialogs.ycp 2012-12-19 12:35:29.000000000 +0100 @@ -196,6 +196,16 @@ */ define symbol ReadDialog() ``{ boolean ret = Kerberos::Read(); + + if (Kerberos::sssd) + { + // popup message + Popup::Message ("System Security Services Daemon (SSSD) is configured. +It is in use for Kerberos authentication instead of pam_krb5. + +SSSD specific options can be configured in LDAP Client Configuration module."); + } + return ret ? `next : `abort; } @@ -404,12 +414,6 @@ UI::ChangeWidget (`id (widget), `Enabled, use_pam_krb); }); } - if (Kerberos::sssd) - { - // popup message - Popup::Message ("System Security Services Daemon (SSSD) is configured. -It is in use for Kerberos authentication instead of pam_krb5."); - } } } while (!contains ([`back, `cancel, `abort, `next, `advanced], result)); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-kerberos-client-2.23.1/testsuite/tests/Read.out new/yast2-kerberos-client-2.23.3/testsuite/tests/Read.out --- old/yast2-kerberos-client-2.23.1/testsuite/tests/Read.out 2012-09-07 10:05:36.000000000 +0200 +++ new/yast2-kerberos-client-2.23.3/testsuite/tests/Read.out 2012-12-19 12:40:21.000000000 +0100 @@ -32,10 +32,18 @@ Read .etc.ssh.ssh_config.v."*"."GSSAPIAuthentication" "yes" Read .etc.ssh.ssh_config.v."*"."GSSAPIDelegateCredentials" "yes" Execute .target.bash_output "/usr/sbin/pam-config -q --sss" $["stdout":"password: "] +Read .etc.sssd_conf.v."domain/default"."krb5_realm" "SUSE.DE" +Read .etc.sssd_conf.v."domain/default"."krb5_kdcip" nil +Read .etc.sssd_conf.v."domain/default"."krb5_ccachedir" nil +Read .etc.sssd_conf.v."domain/default"."krb5_ccname_template" nil +Read .etc.sssd_conf.v."domain/default"."krb5_keytab" nil +Read .etc.sssd_conf.v."domain/default"."krb5_renewable_lifetime" nil +Read .etc.sssd_conf.v."domain/default"."krb5_lifetime" nil +Read .etc.sssd_conf.v."domain/default"."krb5_validate" nil Return true Dump ============================================ Dump kerberos used: true -Dump default realm: SUSE.CZ +Dump default realm: SUSE.DE Dump kdc: chimera.suse.cz kdc.suse.cz Dump Dump ssh support: true @@ -50,5 +58,5 @@ Read .etc.ssh.ssh_config.v."*"."GSSAPIDelegateCredentials" "yes" Execute .target.bash_output "/usr/sbin/pam-config -q --sss" $["stdout":"password: "] Return true -Dump default realm: SUSE.CZ +Dump default realm: SUSE.DE Dump ============================================ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-kerberos-client-2.23.1/testsuite/tests/Read.ycp new/yast2-kerberos-client-2.23.3/testsuite/tests/Read.ycp --- old/yast2-kerberos-client-2.23.1/testsuite/tests/Read.ycp 2012-09-07 10:05:36.000000000 +0200 +++ new/yast2-kerberos-client-2.23.3/testsuite/tests/Read.ycp 2012-12-19 12:15:07.000000000 +0100 @@ -80,6 +80,20 @@ ], ] ], + "sssd_conf" : $[ + "v" : $[ + "domain/default" : $[ + "krb5_realm" : "SUSE.DE", + "krb5_kdcip" : nil, + "krb5_ccachedir" : nil, + "krb5_ccname_template" : nil, + "krb5_keytab" : nil, + "krb5_renewable_lifetime" : nil, + "krb5_lifetime" : nil, + "krb5_validate" : nil, + ], + ], + ], ], "sysconfig": $[ "openafs-client": nil -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
