Hello community, here is the log from the commit of package yast2-auth-server for openSUSE:Factory checked in at 2014-07-13 14:06:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-auth-server (Old) and /work/SRC/openSUSE:Factory/.yast2-auth-server.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-auth-server" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-auth-server/yast2-auth-server.changes 2014-06-18 07:52:46.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-auth-server.new/yast2-auth-server.changes 2014-07-13 14:06:42.000000000 +0200 @@ -1,0 +2,8 @@ +Fri Jul 4 10:03:05 UTC 2014 - [email protected] + +- fix undefined method 'WriteKdbvalue' (bnc#885833) +- add Kerberos dialog to Replication Master Setup (bnc#885829) +- update kerberos stash when changing LDAP password (bnc#865296) +- 3.1.10 + +------------------------------------------------------------------- Old: ---- yast2-auth-server-3.1.9.tar.bz2 New: ---- yast2-auth-server-3.1.10.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-auth-server.spec ++++++ --- /var/tmp/diff_new_pack.XLbLgX/_old 2014-07-13 14:06:43.000000000 +0200 +++ /var/tmp/diff_new_pack.XLbLgX/_new 2014-07-13 14:06:43.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-auth-server -Version: 3.1.9 +Version: 3.1.10 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ yast2-auth-server-3.1.9.tar.bz2 -> yast2-auth-server-3.1.10.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.9/package/yast2-auth-server.changes new/yast2-auth-server-3.1.10/package/yast2-auth-server.changes --- old/yast2-auth-server-3.1.9/package/yast2-auth-server.changes 2014-06-09 09:20:31.000000000 +0200 +++ new/yast2-auth-server-3.1.10/package/yast2-auth-server.changes 2014-07-08 11:25:31.000000000 +0200 @@ -1,4 +1,12 @@ ------------------------------------------------------------------- +Fri Jul 4 10:03:05 UTC 2014 - [email protected] + +- fix undefined method 'WriteKdbvalue' (bnc#885833) +- add Kerberos dialog to Replication Master Setup (bnc#885829) +- update kerberos stash when changing LDAP password (bnc#865296) +- 3.1.10 + +------------------------------------------------------------------- Sun Jun 8 06:24:03 UTC 2014 - [email protected] - bnc#881516 - OpenLDAP server mdb integration missing in yast diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.9/package/yast2-auth-server.spec new/yast2-auth-server-3.1.10/package/yast2-auth-server.spec --- old/yast2-auth-server-3.1.9/package/yast2-auth-server.spec 2014-06-09 09:20:31.000000000 +0200 +++ new/yast2-auth-server-3.1.10/package/yast2-auth-server.spec 2014-07-08 11:25:31.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-auth-server -Version: 3.1.9 +Version: 3.1.10 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.9/src/include/auth-server/kerberos_advanced.rb new/yast2-auth-server-3.1.10/src/include/auth-server/kerberos_advanced.rb --- old/yast2-auth-server-3.1.9/src/include/auth-server/kerberos_advanced.rb 2014-06-09 09:20:31.000000000 +0200 +++ new/yast2-auth-server-3.1.10/src/include/auth-server/kerberos_advanced.rb 2014-07-08 11:25:31.000000000 +0200 @@ -1540,7 +1540,7 @@ def set_adv_kdb_subtrees Builtins.y2debug("calling set_adv_kdb_subtrees") - AuthServer.WriteKdbvalue( + AuthServer.WriteKerberosLdapDBvalue( "kdb_subtrees", Convert.to_string(UI.QueryWidget(Id(:id_kdb_subtrees), :Value)) ) @@ -1550,7 +1550,7 @@ "radiobutton val: %1", UI.QueryWidget(Id(:sub), :Value) ) - AuthServer.WriteKdbvalue("kdb_sscope", i == true ? "sub" : "one") + AuthServer.WriteKerberosLdapDBvalue("kdb_sscope", i == true ? "sub" : "one") nil end @@ -1572,7 +1572,7 @@ def set_adv_kdb_containerref Builtins.y2debug("calling set_adv_kdb_containerref") - AuthServer.WriteKdbvalue( + AuthServer.WriteKerberosLdapDBvalue( "kdb_containerref", Convert.to_string(UI.QueryWidget(Id(:id_kdb_containerref), :Value)) ) @@ -1625,7 +1625,7 @@ if Convert.to_boolean( UI.QueryWidget(Id(:id_kdb_maxtktlife_available), :Value) ) == false - AuthServer.WriteKdbvalue("kdb_maxtktlife", "") + AuthServer.WriteKerberosLdapDBvalue("kdb_maxtktlife", "") else s = Builtins.tostring( Convert.to_integer( @@ -1638,7 +1638,7 @@ Convert.to_string(UI.QueryWidget(Id(:id_kdb_maxtktlife_time), :Value)) ) - AuthServer.WriteKdbvalue("kdb_maxtktlife", s) + AuthServer.WriteKerberosLdapDBvalue("kdb_maxtktlife", s) end nil @@ -1690,7 +1690,7 @@ if Convert.to_boolean( UI.QueryWidget(Id(:id_kdb_maxrenewlife_available), :Value) ) == false - AuthServer.WriteKdbvalue("kdb_maxrenewlife", "") + AuthServer.WriteKerberosLdapDBvalue("kdb_maxrenewlife", "") else s = Builtins.tostring( Convert.to_integer( @@ -1705,7 +1705,7 @@ ) ) - AuthServer.WriteKdbvalue("kdb_maxrenewlife", s) + AuthServer.WriteKerberosLdapDBvalue("kdb_maxrenewlife", s) end nil @@ -1866,7 +1866,7 @@ flags = Ops.add(flags, "-password_changing_service ") end - AuthServer.WriteKdbvalue("kdb_flags", flags) + AuthServer.WriteKerberosLdapDBvalue("kdb_flags", flags) nil end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.9/src/include/auth-server/tree_structure.rb new/yast2-auth-server-3.1.10/src/include/auth-server/tree_structure.rb --- old/yast2-auth-server-3.1.9/src/include/auth-server/tree_structure.rb 2014-06-09 09:20:31.000000000 +0200 +++ new/yast2-auth-server-3.1.10/src/include/auth-server/tree_structure.rb 2014-07-08 11:25:31.000000000 +0200 @@ -864,6 +864,9 @@ ) Builtins.y2milestone("new hash: %1", newhash) AuthServer.UpdateDatabase(index, { "rootpw" => newhash }) + if newpw["updstash"] + AuthServer.StashKerberosPassword(newpw["password"]) + end else Builtins.y2milestone("password change cancelled") end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.9/src/include/auth-server/widgets.rb new/yast2-auth-server-3.1.10/src/include/auth-server/widgets.rb --- old/yast2-auth-server-3.1.9/src/include/auth-server/widgets.rb 2014-06-09 09:20:31.000000000 +0200 +++ new/yast2-auth-server-3.1.10/src/include/auth-server/widgets.rb 2014-07-08 11:25:31.000000000 +0200 @@ -398,6 +398,7 @@ def ChangeAdminPassword result = nil + kerberos = AuthServer.ReadKerberosEnabled content = VBox( Heading(_("Change Administrator Password")), Password(Id(:te_rootpw), _("New Administrator &Password")), @@ -405,6 +406,8 @@ Password(Id(:te_valid_rootpw), _("&Validate Password")), HSpacing(0.5), ComboBox(Id(:cb_cryptmethod), _("Password &Encryption"), @enc_types), + HSpacing(1), + CheckBox(Id(:cb_update_stash), _("Update Kerberos Stash"), kerberos), Wizard.CancelOKButtonBox ) UI.OpenDialog(Opt(:decorated), content) @@ -416,6 +419,7 @@ pw = Convert.to_string(UI.QueryWidget(:te_rootpw, :Value)) verifypw = Convert.to_string(UI.QueryWidget(:te_valid_rootpw, :Value)) hashAlgo = Convert.to_string(UI.QueryWidget(:cb_cryptmethod, :Value)) + updstash = Convert.to_boolean(UI.QueryWidget(:cb_update_stash, :Value)) if Builtins.size(pw) == 0 Popup.Error(_("Enter a password")) UI.ChangeWidget(:te_rootpw, :Value, "") @@ -424,6 +428,7 @@ result = {} Ops.set(result, "password", pw) Ops.set(result, "hashAlgo", hashAlgo) + Ops.set(result, "updstash", updstash) break else Popup.Error( diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.9/src/include/auth-server/wizards.rb new/yast2-auth-server-3.1.10/src/include/auth-server/wizards.rb --- old/yast2-auth-server-3.1.9/src/include/auth-server/wizards.rb 2014-06-09 09:20:31.000000000 +0200 +++ new/yast2-auth-server-3.1.10/src/include/auth-server/wizards.rb 2014-07-08 11:25:31.000000000 +0200 @@ -167,16 +167,19 @@ :mastersetup => "mastersetup", :abort => :abort }, + "mastersetup" => { + :next => "kerberos", + :abort => :abort + }, "kerberos" => { - :next => "summary", + :next => "summary", :advanced => "kerberos_adv" - }, + }, "kerberos_adv" => { :abort => :abort, :next => "kerberos", :back => "kerberos" - }, - "mastersetup" => { :next => "summary", :abort => :abort }, + }, "summary" => { :next => "write", :abort => :abort, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.9/src/modules/AuthServer.pm new/yast2-auth-server-3.1.10/src/modules/AuthServer.pm --- old/yast2-auth-server-3.1.9/src/modules/AuthServer.pm 2014-06-09 09:20:31.000000000 +0200 +++ new/yast2-auth-server-3.1.10/src/modules/AuthServer.pm 2014-07-08 11:25:31.000000000 +0200 @@ -3515,28 +3515,34 @@ return 0; } + return $self->StashKerberosPassword($ldapkadmpw); +} - @cmdArgs = (); +BEGIN { $TYPEINFO {StashKerberosPassword} = ["function", "boolean", "string"]; } +sub StashKerberosPassword() +{ + my ($self, $kadmpw) = @_; + + my @cmdArgs = (); push @cmdArgs, "stashsrvpw"; push @cmdArgs, "-f", $ldapdb->{ldap_service_password_file}; push @cmdArgs, $ldapdb->{ldap_kdc_dn}; y2milestone("Command: /usr/lib/mit/sbin/kdb5_ldap_util ".join(" ",@cmdArgs)); - $pid = open3(\*IN, \*OUT, \*ERR, "/usr/lib/mit/sbin/kdb5_ldap_util", @cmdArgs) + my $pid = open3(\*IN, \*OUT, \*ERR, "/usr/lib/mit/sbin/kdb5_ldap_util", @cmdArgs) or do { y2error("Can not execute kdb5_ldap_util: $!"); $self->SetError( _("Cannot execute kdb5_ldap_util."), "$!" ); return 0; }; - - print IN "$ldapkadmpw\n"; # ldap kdc password - print IN "$ldapkadmpw\n"; # verify ldap kdc password + print IN "$kadmpw\n"; # ldap kdc password + print IN "$kadmpw\n"; # verify ldap kdc password close IN; - $out = ""; - $err = ""; + my $out = ""; + my $err = ""; while (<OUT>) { $out .= "$_"; @@ -3554,7 +3560,7 @@ chomp($err); y2error("Error during kdb5_ldap_util call: $err"); } - $code = ($?>>8); + my $code = ($?>>8); if($code != 0) { $self->SetError( _("Writing to password file failed."), "$err" ); @@ -3576,8 +3582,8 @@ return 0; }; - print IN "$ldapkadmpw\n"; # ldap kadmin password - print IN "$ldapkadmpw\n"; # verify ldap kadmin password + print IN "$kadmpw\n"; # ldap kadmin password + print IN "$kadmpw\n"; # verify ldap kadmin password close IN; -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
