Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package cepces for openSUSE:Factory checked in at 2022-10-25 11:18:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cepces (Old) and /work/SRC/openSUSE:Factory/.cepces.new.2275 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cepces" Tue Oct 25 11:18:47 2022 rev:7 rq:1030897 version:0.3.6 Changes: -------- --- /work/SRC/openSUSE:Factory/cepces/cepces.changes 2022-05-22 20:25:57.582134462 +0200 +++ /work/SRC/openSUSE:Factory/.cepces.new.2275/cepces.changes 2022-10-25 11:18:57.277996642 +0200 @@ -1,0 +2,22 @@ +Thu Oct 20 12:15:15 UTC 2022 - David Mulder <[email protected]> + +Release v0.3.6: +- Fix Bug #15 cepces.conf.dist: server should be pointed to actual CEP host +- Replace old requests_kerberos with requests_gssapi +- setup: Do not install example configs +- setup: Respect the prefix the user specifies +- Delete the spec file +- Make Kerberos delegation configurable +- Fix Bug #24 cepces-submit 'TypeError: option values must be strings' +- Removed b755b56d25f3e54f8f15d9985fd0597b21c1051d.patch because + it is now upstream. + +------------------------------------------------------------------- +Wed Jun 01 18:58:29 UTC 2022 - David Mulder <[email protected]> + +Release v0.3.5: +- Added polling_interval which tells certmonger how long to wait in seconds before retrying. +- Implemented Certificate authentication method. +- Python 3.10 compatible. + +------------------------------------------------------------------- Old: ---- b755b56d25f3e54f8f15d9985fd0597b21c1051d.patch cepces-0.3.4.tar.bz2 New: ---- cepces-0.3.6.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cepces.spec ++++++ --- /var/tmp/diff_new_pack.EIoxI6/_old 2022-10-25 11:18:57.825997856 +0200 +++ /var/tmp/diff_new_pack.EIoxI6/_new 2022-10-25 11:18:57.833997874 +0200 @@ -21,14 +21,13 @@ %global logdir %{_localstatedir}/log/%{app_name} Name: %{app_name} -Version: 0.3.4 +Version: 0.3.6 Release: 0%{?dist} Summary: Certificate Enrollment through CEP/CES License: GPL-3.0-or-later URL: https://github.com/ufven/%{app_name} Source0: %{name}-%{version}.tar.bz2 -Patch1: https://github.com/openSUSE/cepces/pull/11/commits/b755b56d25f3e54f8f15d9985fd0597b21c1051d.patch BuildArch: noarch Requires: %{app_name}-certmonger == %{version} @@ -47,12 +46,12 @@ BuildRequires: python3-cryptography >= 1.2 BuildRequires: python3-devel BuildRequires: python3-requests -BuildRequires: python3-requests-kerberos >= 0.9 +BuildRequires: python3-requests-gssapi BuildRequires: python3-setuptools Requires: python3-cryptography >= 1.2 Requires: python3-requests -Requires: python3-requests-kerberos >= 0.9 +Requires: python3-requests-gssapi %description -n python3-%{app_name} %{app_name} is an application for enrolling certificates through CEP and CES. @@ -83,7 +82,6 @@ %prep %setup -q -n %{app_name}-%{version} -%autopatch -p1 %build %py3_build ++++++ cepces-0.3.4.tar.bz2 -> cepces-0.3.6.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cepces-0.3.4/bin/cepces-submit new/cepces-0.3.6/bin/cepces-submit --- old/cepces-0.3.4/bin/cepces-submit 2021-07-19 16:14:02.000000000 +0200 +++ new/cepces-0.3.6/bin/cepces-submit 2022-10-20 13:58:52.000000000 +0200 @@ -83,17 +83,21 @@ choices=['Anonymous', 'Kerberos', 'UsernamePassword', 'Certificate'], default='Kerberos') + parser.add_argument('--poll_interval', + help='Time in seconds before re-checking if the certificate has been issued') parser.add_argument('--keytab', help='Use the specified keytab') parser.add_argument('--principals', help='A list of principals to try when requesting a ticket') args = parser.parse_args() + g_overrides = {} if args.server is not None: - g_overrides = { 'server': args.server, 'auth': args.auth } + g_overrides['server'] = args.server + g_overrides['auth'] = args.auth endpoint = 'https://%s/ADPolicyProvider_CEP_%s/service.svc/CEP' % \ (args.server, args.auth) g_overrides['endpoint'] = endpoint - else: - g_overrides = {} + if args.poll_interval is not None: + g_overrides['poll_interval'] = args.poll_interval k_overrides = {} if args.keytab is not None: k_overrides['keytab'] = args.keytab diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cepces-0.3.4/cepces/__init__.py new/cepces-0.3.6/cepces/__init__.py --- old/cepces-0.3.4/cepces/__init__.py 2021-07-19 16:14:02.000000000 +0200 +++ new/cepces-0.3.6/cepces/__init__.py 2022-10-20 13:58:52.000000000 +0200 @@ -22,8 +22,8 @@ __title__ = 'cepces' __description__ = 'CEP/CES library.' -__url__ = 'https://github.com/ufven/cepces/' -__version__ = '0.3.4' +__url__ = 'https://github.com/openSUSE/cepces/' +__version__ = '0.3.6' __author__ = 'Daniel Uvehag' __author_email__ = '[email protected]' __license__ = 'GPLv3' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cepces-0.3.4/cepces/auth.py new/cepces-0.3.6/cepces/auth.py --- old/cepces-0.3.4/cepces/auth.py 2021-07-19 16:14:02.000000000 +0200 +++ new/cepces-0.3.6/cepces/auth.py 2022-10-20 13:58:52.000000000 +0200 @@ -23,6 +23,11 @@ from cepces.soap import auth as SOAPAuth +def strtobool(value): + if str(value).lower() in ('t', 'true', 'y', 'yes', '1'): + return True + return False + class AuthenticationHandler(Base, metaclass=ABCMeta): """Base class for any authentication handled.""" def __init__(self, parser): @@ -56,6 +61,7 @@ ccache = section.get('ccache', True) principals = section.get('principals', '') enctypes = section.get('enctypes', '') + delegate = strtobool(section.get('delegate', True)) # Decode all encryption types. etypes = [] @@ -82,6 +88,7 @@ principal_name=principal, init_ccache=ccache, keytab=keytab, + delegate=delegate, ) except KerberosError: # Ignore @@ -119,4 +126,20 @@ """Handler for Certificate based authentication.""" def handle(self): """Constructs and returns a SOAPAuth authentication handler.""" - raise NotImplementedError() + parser = self._parser + + # Ensure there's a certificate section present. + if 'certificate' not in parser: + raise RuntimeError( + 'Missing "certificate" section in configuration.', + ) + + section = parser['certificate'] + + certfile = section.get('certfile', None) + keyfile = section.get('keyfile', None) + + return SOAPAuth.TransportCertificateAuthentication( + certfile, + keyfile, + ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cepces-0.3.4/cepces/certmonger/operation.py new/cepces-0.3.6/cepces/certmonger/operation.py --- old/cepces-0.3.4/cepces/certmonger/operation.py 2021-07-19 16:14:02.000000000 +0200 +++ new/cepces-0.3.6/cepces/certmonger/operation.py 2022-10-20 13:58:52.000000000 +0200 @@ -132,14 +132,15 @@ # Output a "cookie" that can be used to later poll the status. print( - '{},{}'.format( + '{}\n{},{}'.format( + service._config.poll_interval, result.request_id, result.reference, ), file=self._out, ) - return CertmongerResult.WAIT + return CertmongerResult.WAITMORE class Poll(Operation): @@ -172,14 +173,15 @@ # Output a "cookie" that can be used to later poll the status. print( - '{},{}'.format( + '{}\n{},{}'.format( + service._config.poll_interval, result.request_id, result.reference, ), file=self._out, ) - return CertmongerResult.WAIT + return CertmongerResult.WAITMORE class Identify(Operation): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cepces-0.3.4/cepces/config.py new/cepces-0.3.6/cepces/config.py --- old/cepces-0.3.4/cepces/config.py 2021-07-19 16:14:02.000000000 +0200 +++ new/cepces-0.3.6/cepces/config.py 2022-10-20 13:58:52.000000000 +0200 @@ -52,16 +52,17 @@ 'Anonymous': SOAPAuth.AnonymousAuthentication, 'Kerberos': SOAPAuth.TransportKerberosAuthentication, 'UsernamePassword': SOAPAuth.MessageUsernamePasswordAuthentication, - 'Certificate': SOAPAuth.MessageCertificateAuthentication, + 'Certificate': SOAPAuth.TransportCertificateAuthentication, } - def __init__(self, endpoint, endpoint_type, cas, auth): + def __init__(self, endpoint, endpoint_type, cas, auth, poll_interval): super().__init__() self._endpoint = endpoint self._endpoint_type = endpoint_type self._cas = cas self._auth = auth + self._poll_interval = poll_interval @property def endpoint(self): @@ -83,6 +84,11 @@ """Return the authentication method.""" return self._auth + @property + def poll_interval(self): + """Return the poll interval.""" + return self._poll_interval + @classmethod def load(cls, files=None, dirs=None, global_overrides=None, krb5_overrides=None): @@ -149,7 +155,7 @@ section = parser['global'] # Ensure certain required variables are present. - for var in ['endpoint', 'auth', 'type']: + for var in ['endpoint', 'auth', 'type', 'poll_interval']: if var not in section: raise RuntimeError( 'Missing "{}/{}" variable in configuration.'.format( @@ -171,8 +177,9 @@ endpoint_type = section.get('type') authn = Configuration.AUTH_HANDLER_MAP[section['auth']](parser) cas = section.get('cas', True) + poll_interval = section.get('poll_interval') if cas == '': cas = False - return Configuration(endpoint, endpoint_type, cas, authn.handle()) + return Configuration(endpoint, endpoint_type, cas, authn.handle(), poll_interval) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cepces-0.3.4/cepces/soap/auth.py new/cepces-0.3.6/cepces/soap/auth.py --- old/cepces-0.3.4/cepces/soap/auth.py 2021-07-19 16:14:02.000000000 +0200 +++ new/cepces-0.3.6/cepces/soap/auth.py 2022-10-20 13:58:52.000000000 +0200 @@ -21,7 +21,8 @@ """This module contains SOAP related authentication.""" from abc import ABCMeta, abstractmethod, abstractproperty import os -from requests_kerberos import HTTPKerberosAuth +import gssapi +from requests_gssapi import HTTPSPNEGOAuth from cepces import Base from cepces.krb5 import types as ktypes from cepces.krb5.core import Context, Keytab, Principal @@ -35,6 +36,11 @@ """Property containing authentication mechanism for the transport layer (i.e. requests).""" + @abstractproperty + def clientcertificate(self): + """Property containing TLS client certificate ??nformation for the transport layer + (i.e. requests).""" + @abstractmethod def post_process(self, envelope): """Method for securing (post processing) a SOAP envelope.""" @@ -56,7 +62,7 @@ class TransportKerberosAuthentication(Authentication): """Kerberos authentication on the transport level.""" def __init__(self, principal_name=None, init_ccache=True, keytab=None, - enctypes=None): + enctypes=None, delegate=True): super().__init__() self._config = {} @@ -64,6 +70,7 @@ self._config['init_ccache'] = init_ccache self._config['keytab'] = keytab self._config['enctypes'] = enctypes + self._config['delegate'] = delegate # Only initialize a credential cache if requested. Otherwise, rely on # a credential cache already being available. @@ -112,13 +119,18 @@ os.environ["KRB5CCNAME"] = ccache_name def _init_transport(self): - self._transport = HTTPKerberosAuth(principal=self._config['name'], - delegate=True) + name = gssapi.Name(self._config['name'], gssapi.NameType.user) + creds = gssapi.Credentials(name=name, usage="initiate") + self._transport = HTTPSPNEGOAuth(creds=creds, delegate=self._config['delegate']) @property def transport(self): return self._transport + @property + def clientcertificate(self): + return None + def post_process(self, envelope): # Nothing to be done here. return envelope @@ -135,15 +147,29 @@ def transport(self): return None + @property + def clientcertificate(self): + return None + def post_process(self, envelope): raise NotImplementedError() -class MessageCertificateAuthentication(Authentication): - """Message authentication using a client certificate.""" +class TransportCertificateAuthentication(Authentication): + """Transport authentication using a client certificate.""" + def __init__(self, certfile, keyfile): + super().__init__() + self._certfile = certfile + self._keyfile = keyfile + @property def transport(self): - raise NotImplementedError() + return None + + @property + def clientcertificate(self): + return ( self._certfile, self._keyfile ) def post_process(self, envelope): - raise NotImplementedError() + # Nothing to be done here. + return envelope diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cepces-0.3.4/cepces/soap/service.py new/cepces-0.3.6/cepces/soap/service.py --- old/cepces-0.3.4/cepces/soap/service.py 2021-07-19 16:14:02.000000000 +0200 +++ new/cepces-0.3.6/cepces/soap/service.py 2022-10-20 13:58:52.000000000 +0200 @@ -75,12 +75,15 @@ # Post process the envelope. if self._auth: message = self._auth.post_process(message) + data = ElementTree.tostring(message.element) + self._logger.debug(" -data after post-processing: %s", data) # Post the envelope and raise an error if necessary. req = requests.post(url=self._endpoint, data=data, headers=headers, verify=self._capath, + cert=self._auth.clientcertificate, auth=self._auth.transport) # If we get an internal server error (code 500), there's a chance that diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cepces-0.3.4/cepces/xml/binding.py new/cepces-0.3.6/cepces/xml/binding.py --- old/cepces-0.3.4/cepces/xml/binding.py 2021-07-19 16:14:02.000000000 +0200 +++ new/cepces-0.3.6/cepces/xml/binding.py 2022-10-20 13:58:52.000000000 +0200 @@ -18,7 +18,7 @@ # pylint: disable=protected-access,too-few-public-methods,too-many-arguments # pylint: disable=too-many-ancestors """Module containing XML bindings.""" -from collections import MutableSequence +from collections.abc import MutableSequence from xml.etree import ElementTree import inspect from abc import ABCMeta, abstractmethod diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cepces-0.3.4/cepces.spec new/cepces-0.3.6/cepces.spec --- old/cepces-0.3.4/cepces.spec 2021-07-19 16:14:02.000000000 +0200 +++ new/cepces-0.3.6/cepces.spec 1970-01-01 01:00:00.000000000 +0100 @@ -1,174 +0,0 @@ -%global app_name cepces -%global selinux_variants targeted -%global logdir %{_localstatedir}/log/%{app_name} - -Name: %{app_name} -Version: 0.3.3 -Release: 2%{?dist} -Summary: Certificate Enrollment through CEP/CES - -License: GPLv3+ -URL: https://github.com/ufven/%{app_name} -Source0: https://github.com/ufven/%{app_name}/archive/v%{version}/%{app_name}-%{version}.tar.gz -BuildArch: noarch - -Requires: python%{python3_pkgversion}-%{app_name} == %{version} -Requires: %{app_name}-certmonger == %{version} -Requires: %{app_name}-selinux == %{version} - -%description -%{app_name} is an application for enrolling certificates through CEP and CES. -It currently only operates through certmonger. - -%package -n python%{python3_pkgversion}-%{app_name} -Summary: Python part of %{app_name} - -BuildRequires: python%{python3_pkgversion}-devel -BuildRequires: python%{python3_pkgversion}-setuptools -BuildRequires: python%{python3_pkgversion}-cryptography >= 1.2 -BuildRequires: python%{python3_pkgversion}-requests -BuildRequires: python%{python3_pkgversion}-requests-kerberos >= 0.9 - -Requires: python%{python3_pkgversion}-cryptography >= 1.2 -Requires: python%{python3_pkgversion}-requests -Requires: python%{python3_pkgversion}-requests-kerberos >= 0.9 - -%description -n python%{python3_pkgversion}-%{app_name} -%{app_name} is an application for enrolling certificates through CEP and CES. -This package provides the Python part for CEP and CES interaction. - -%package certmonger -Summary: certmonger integration for %{app_name} - -Requires: certmonger - -%description certmonger -%{app_name} is an application for enrolling certificates through CEP and CES. -This package provides the certmonger integration. - -%package selinux -Summary: SELinux support for %{app_name} - -BuildRequires: selinux-policy-devel - -Requires: selinux-policy -Requires(post): selinux-policy-targeted - -%description selinux -SELinux support for %{app_name} - -%prep -%setup -q -n %{app_name}-%{version} - -%build -%py3_build - -# Build the SELinux module(s). -for SELINUXVARIANT in %{selinux_variants}; do - make -C selinux clean all - mv -v selinux/%{app_name}.pp selinux/%{app_name}-${SELINUXVARIANT}.pp -done - -%install -%py3_install - -install -d -m 0700 %{buildroot}%{logdir} - -# Install the SELinux module(s). -rm -fv selinux-files.txt - -for SELINUXVARIANT in %{selinux_variants}; do - install -d %{buildroot}%{_datadir}/selinux/${SELINUXVARIANT} - install -p -m 644 selinux/%{app_name}-${SELINUXVARIANT}.pp \ - %{buildroot}%{_datadir}/selinux/${SELINUXVARIANT}/%{app_name}.pp - - echo %{_datadir}/selinux/${SELINUXVARIANT}/%{app_name}.pp >> \ - selinux-files.txt -done - -# Install configuration files. -install -d %{buildroot}%{_sysconfdir}/%{app_name} -install -p -m 644 conf/cepces.conf.dist \ - %{buildroot}%{_sysconfdir}/%{app_name}/cepces.conf -install -p -m 644 conf/logging.conf.dist \ - %{buildroot}%{_sysconfdir}/%{app_name}/logging.conf - -install -d %{buildroot}%{_libexecdir}/certmonger -install -p -m 755 bin/%{app_name}-submit \ - %{buildroot}%{_libexecdir}/certmonger/%{app_name}-submit - -# Remove unused executables and configuration files. -%{__rm} -rfv %{buildroot}/usr/local/etc -%{__rm} -rfv %{buildroot}/usr/local/libexec/certmonger - -%post selinux -for SELINUXVARIANT in %{selinux_variants}; do - %{_sbindir}/semodule -n -s ${SELINUXVARIANT} \ - -i %{_datadir}/selinux/${SELINUXVARIANT}/%{app_name}.pp - - if %{_sbindir}/selinuxenabled; then - %{_sbindir}/load_policy - fi -done - -%postun selinux -if [ $1 -eq 0 ] -then - for SELINUXVARIANT in %{selinux_variants}; do - %{_sbindir}/semodule -n -s ${SELINUXVARIANT} -r %{app_name} > /dev/null || : - - if %{_sbindir}/selinuxenabled; then - %{_sbindir}/load_policy - fi - done -fi - -%post certmonger -# Install the CA into certmonger. -if [[ "$1" == "1" ]]; then - getcert add-ca -c %{app_name} \ - -e %{_libexecdir}/certmonger/%{app_name}-submit >/dev/null || : -fi - -%preun certmonger -# Remove the CA from certmonger, unless it's an upgrade. -if [[ "$1" == "0" ]]; then - getcert remove-ca -c %{app_name} >/dev/null || : -fi - -%check -%{__python3} setup.py test - -%files -%doc LICENSE -%doc README.rst -%dir %{_sysconfdir}/%{app_name}/ -%config(noreplace) %{_sysconfdir}/%{app_name}/%{app_name}.conf -%config(noreplace) %{_sysconfdir}/%{app_name}/logging.conf -%dir %{logdir} - -%files -n python%{python3_pkgversion}-%{app_name} -%{python3_sitelib}/%{app_name} -%{python3_sitelib}/%{app_name}-%{version}-py?.?.egg-info - -%files certmonger -%{_libexecdir}/certmonger/%{app_name}-submit - -%files selinux -f selinux-files.txt -%defattr(0644,root,root,0755) - -%changelog -* Mon Jul 29 2019 Daniel Uvehag <[email protected]> - 0.3.3-2 -- Add missing log directory - -* Mon Jul 29 2019 Daniel Uvehag <[email protected]> - 0.3.3-1 -- Update to version 0.3.3-1 - -* Mon Feb 05 2018 Daniel Uvehag <[email protected]> - 0.3.0-1 -- Update to version 0.3.0-1 - -* Thu Feb 01 2018 Daniel Uvehag <[email protected]> - 0.2.1-1 -- Update to version 0.2.1-1 - -* Mon Jun 27 2016 Daniel Uvehag <[email protected]> - 0.1.0-1 -- Initial package. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cepces-0.3.4/conf/cepces.conf.dist new/cepces-0.3.6/conf/cepces.conf.dist --- old/cepces-0.3.4/conf/cepces.conf.dist 2021-07-19 16:14:02.000000000 +0200 +++ new/cepces-0.3.6/conf/cepces.conf.dist 2022-10-20 13:58:52.000000000 +0200 @@ -1,6 +1,6 @@ [global] -# Hostname of the issuing certification authority. This is an optional setting -# and is only used to construct the URL to the Policy Provider endpoint. +# Hostname of the Certificate Enrollment Policy (CEP) Server. +# Used to construct the URL to the CEP endpoint. # # Default: ca server=ca @@ -25,8 +25,8 @@ # Message level authentication. The credentials are used in the # message header for authentication. # * Certificate -# Message level authentication. A client certificate is used to -# sign the message. This is not yet implemented. +# Transport level authentication. A client certificate is used +# for TLS client authentication in the HTTPS layer. # # Default: Kerberos auth=Kerberos @@ -45,6 +45,9 @@ # Default: <not defined> #cas= +# Time in seconds before re-checking if the certificate has been issued +poll_interval=3600 + [kerberos] # Use the specified keytab. If unspecified, the system default is used. # @@ -82,3 +85,25 @@ arcfour-hmac aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha1-96 + +# When the webenrollment services and the CA aren't installed on the same +# machine you will get a access denied error if kerberos delegation is +# disabled. This is enabled by default. +# +# Default: True +delegate=True + +[certificate] +# Use the following client certificate, +# given as OpenSSL format certificate file. +# The issuer CA certificate of this client certificate must be included +# in the AD NTAuth container. +# +# Default: <not defined> +#certfile = /path/to/openssl-certfile.pem + +# Use the following client certificate key, +# given as OpenSSL format private key file without passphrase protection. +# +# Default: <not defined> +#keyfile = /path/to/openssl-keyfile.pem diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cepces-0.3.4/requirements.txt new/cepces-0.3.6/requirements.txt --- old/cepces-0.3.4/requirements.txt 2021-07-19 16:14:02.000000000 +0200 +++ new/cepces-0.3.6/requirements.txt 2022-10-20 13:58:52.000000000 +0200 @@ -1,3 +1,3 @@ cryptography>=1.2 requests -requests_kerberos>=0.9 +requests_gssapi>=1.2.2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cepces-0.3.4/selinux/cepces.te new/cepces-0.3.6/selinux/cepces.te --- old/cepces-0.3.4/selinux/cepces.te 2021-07-19 16:14:02.000000000 +0200 +++ new/cepces-0.3.6/selinux/cepces.te 2022-10-20 13:58:52.000000000 +0200 @@ -1,4 +1,4 @@ -policy_module(cepces, 0.3.4) +policy_module(cepces, 0.3.6) require { type certmonger_t; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cepces-0.3.4/setup.py new/cepces-0.3.6/setup.py --- old/cepces-0.3.4/setup.py 2021-07-19 16:14:02.000000000 +0200 +++ new/cepces-0.3.6/setup.py 2022-10-20 13:58:52.000000000 +0200 @@ -41,7 +41,7 @@ license=cepces.__license__, classifiers=[ - 'Development Status :: 4 - Beta', + 'Development Status :: 5 - Production/Stable', 'Environment :: Console', @@ -50,9 +50,9 @@ 'License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)', - 'Programming Language :: Python :: 3.4', - 'Programming Language :: Python :: 3.5', - 'Programming Language :: Python :: 3.6', + 'Programming Language :: Python :: 3.8', + 'Programming Language :: Python :: 3.9', + 'Programming Language :: Python :: 3.10', ], keywords='certificate ca cep ces adcs wstep xcep', @@ -68,14 +68,7 @@ ], data_files=[ - ('/usr/local/libexec/certmonger', ['bin/cepces-submit']), - ( - '/usr/local/etc/cepces', - [ - 'conf/cepces.conf.dist', - 'conf/logging.conf.dist', - ] - ), + ('libexec/certmonger', ['bin/cepces-submit']), ], install_requires=[],
